thehackernews.com Open in urlscan Pro
2606:4700:20::ac43:4615 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.acronis.online/u/nrd.php?p=MPkBbiuqhJ_57951_2683112_1_9&ems_l=3895902&i=1&d=MTc1MTMwNzcz%7CTVBrQmJpdXFoSg%3D%3D...
Effective URL:
https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MP...
Submission: On February 27 via api (February 27th 2021, 5:25:41 am UTC) from US

Summary HTTP 129 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 24 domains to perform 129 HTTP transactions. The main IP is 2606:4700:20::ac43:4615, located in United States and belongs to CLOUDFLARENET, US. The main domain is thehackernews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2020. Valid for: a year.

This is the only time thehackernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	217.175.192.22 217.175.192.22	1764 (NEXTLAYER-AS) (NEXTLAYER-AS)
10	2606:4700:20:... 2606:4700:20::ac43:4615	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
13	2a02:26f0:6c0... 2a02:26f0:6c00:2bd::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
8	213.254.244.15 213.254.244.15	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	65.9.187.7 65.9.187.7	16509 (AMAZON-02) (AMAZON-02)
1 3	52.212.209.68 52.212.209.68	16509 (AMAZON-02) (AMAZON-02)
2	18.195.77.77 18.195.77.77	16509 (AMAZON-02) (AMAZON-02)
8	213.254.244.12 213.254.244.12	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
2	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
4	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	13.224.192.34 13.224.192.34	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
10	99.86.3.68 99.86.3.68	16509 (AMAZON-02) (AMAZON-02)
1	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	213.19.147.210 213.19.147.210	3356 (LEVEL3) (LEVEL3)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
129	35

1 217.175.192.22 (Austria)

ASN1764 (NEXTLAYER-AS, AT)

link.acronis.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::ac43:4615 (United States)

ASN13335 (CLOUDFLARENET, US)

thehackernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:26f0:6c00:2bd::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.254.244.15 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20518.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20231.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.187.7 (United States)

ASN16509 (AMAZON-02, US)

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.212.209.68 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-209-68.eu-west-1.compute.amazonaws.com

att.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.77.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-77-77.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.254.244.12 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20512.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20247.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.192.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-34.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 99.86.3.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-68.fra6.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adpushup-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20518.doubleverify.com tps.doubleverify.com tps20512.doubleverify.com tps20231.doubleverify.com tps20247.doubleverify.com	227 KB
16	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	198 KB
13	doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	176 KB
10	trustarc.com choices.trustarc.com	32 KB
10	2mdn.net s0.2mdn.net	387 KB
10	thehackernews.com thehackernews.com	197 KB
6	adpushup.com cdn.adpushup.com e3.adpushup.com	214 KB
5	google.com fundingchoicesmessages.google.com www.google.com	95 KB
4	gstatic.com fonts.gstatic.com	125 KB
3	demdex.net 1 redirects att.demdex.net	2 KB
3	googletagservices.com www.googletagservices.com	51 KB
2	openx.net adpushup-d.openx.net u.openx.net Failed	774 B
2	amazon-adsystem.com c.amazon-adsystem.com	33 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	agkn.com d.agkn.com	1 KB
2	truste.com choices.truste.com	18 KB
2	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	33 KB
1	1rx.io tag.1rx.io	274 B
1	adnxs.com ib.adnxs.com acdn.adnxs.com Failed	712 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	googleapis.com fonts.googleapis.com	3 KB
1	google.de www.google.de	107 B
1	acronis.online link.acronis.online	862 B
0	rubiconproject.com Failed eus.rubiconproject.com Failed
129	24

	Domain	Requested by
11	pagead2.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com thehackernews.com ajax.cloudflare.com pagead2.googlesyndication.com www.googletagservices.com
11	cdn.doubleverify.com	thehackernews.com cdn.doubleverify.com link.acronis.online ad.doubleclick.net
10	choices.trustarc.com	choices.truste.com choices.trustarc.com
10	s0.2mdn.net	link.acronis.online s0.2mdn.net thehackernews.com
10	thehackernews.com	thehackernews.com
6	googleads4.g.doubleclick.net	link.acronis.online ad.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	e3.adpushup.com	cdn.adpushup.com
4	fundingchoicesmessages.google.com	link.acronis.online
4	tpc.googlesyndication.com	link.acronis.online tpc.googlesyndication.com
3	tps20247.doubleverify.com	cdn.doubleverify.com
3	tps20231.doubleverify.com	cdn.doubleverify.com
3	tps20512.doubleverify.com	thehackernews.com
3	att.demdex.net	1 redirects thehackernews.com
3	tps20518.doubleverify.com	thehackernews.com
3	ad.doubleclick.net	www.googletagservices.com
3	www.googletagservices.com	thehackernews.com www.googletagservices.com s0.2mdn.net
2	adpushup-d.openx.net	cdn.adpushup.com
2	c.amazon-adsystem.com	cdn.adpushup.com c.amazon-adsystem.com
2	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net
2	www.google-analytics.com	link.acronis.online www.google-analytics.com
2	cdn.adpushup.com	link.acronis.online cdn.adpushup.com
2	tps.doubleverify.com	cdn.doubleverify.com
2	d.agkn.com	thehackernews.com
2	choices.truste.com	ad.doubleclick.net
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	cdn3.doubleverify.com	cdn.doubleverify.com
1	ade.googlesyndication.com
1	tag.1rx.io	cdn.adpushup.com
1	ib.adnxs.com	cdn.adpushup.com
1	cdn.jsdelivr.net	cdn.adpushup.com
1	fonts.googleapis.com
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	link.acronis.online
1	ajax.cloudflare.com	thehackernews.com
1	link.acronis.online
0	eus.rubiconproject.com Failed	cdn.adpushup.com
0	acdn.adnxs.com Failed	cdn.adpushup.com
0	u.openx.net Failed	cdn.adpushup.com
129	42

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feeds.feedburner.com
deals.thehackernews.com
thehackernews.tradepub.com
www.instagram.com
t.me
www.virustotal.com
objective-see.com
developer.apple.com
www.pcrisk.com
www.reddit.com
news.ycombinator.com
api.whatsapp.com
telegram.me
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
link.acronis.online R3	`2021-01-02` - `2021-04-02`	3 months	crt.sh
thehackernews.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2020-10-09` - `2021-10-29`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.adpushup.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-27` - `2022-08-29`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh

This page contains 19 frames:

Primary Page: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
Frame ID: 569710AD2029542039ED5E192D69F561
Requests: 97 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D0A915B1FB48179EAA2DD4BF92AD1858
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/8532760/1604331588775/728x90/Gartner-Oct2020-728x90.html
Frame ID: 2A3C27C70F09C6CE27CF0BD0FB39088A
Requests: 7 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: FDA4626710DC8D8F0C6FB111DA57CB89
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 31319C323A4BA417549BBB014CB40E05
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D25CCC61E5F11DAE0663E292B824D86E
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 48391EEE31FE1B621F6DDD9C29972E35
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 97C410A99F547BBB3C493A7C9C80EA74
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements991.js
Frame ID: B5D99298BD56D927FEF0056B075B91B2
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/t2tv7.html
Frame ID: 0510584193AED2EBF3FEA5698071706B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4C00FBB06D49DF193468A2900EBCEFE1
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements991.js
Frame ID: A8EA4E89AC4E97A61E17CE07E8E40208
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/t2tv7.html
Frame ID: DE76B30F127D3A0956D018F31F4B9F01
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Frame ID: 1E7C4A8F8AA1DA43CE26FC80D503F36E
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: A795CF941FA2661A6F73D603C4CDBD1F
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 123A146DF43505EE7B9A4A7C0454713A
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
Frame ID: BDE241DDAF11154A994C9086B6847198
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 3876D4684F5466420C72BAECEB9CBE09
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 344A1BC82AE3F38349E1EC01F5FAEBF8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://link.acronis.online/u/nrd.php?p=MPkBbiuqhJ_57951_2683112_1_9&ems_l=3895902&i=1&d=MTc1MTMwNzcz%7C... Page URL
https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

129
Requests

98 %
HTTPS

50 %
IPv6

24
Domains

42
Subdomains

35
IPs

7
Countries

1879 kB
Transfer

4943 kB
Size

1
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/thehackernews
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/thehackersnews
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/thehackernews/
Title: 

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/thehackernews?sub_confirmation=1
Title: 

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/TheHackersNews
Title: 

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/
Title:  Offers

Search URL Search Domain Scan URL

URL: https://thehackernews.tradepub.com/
Title: Free eBooks

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/free
Title: Freebies

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thehackernews/
Title: 

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAADwuDObFWF60CiR-HQ
Title:  Telegram Channel

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/b94e5666d0afc1fa49923c7a7faaa664f51f0581ec0192a08218d68fb079f3cf/detection
Title: uploaded

Search URL Search Domain Scan URL

URL: https://objective-see.com/blog/blog_0x62.html
Title: said

Search URL Search Domain Scan URL

URL: https://developer.apple.com/documentation/apple_silicon/about_the_rosetta_translation_environment
Title: Rosetta

Search URL Search Domain Scan URL

URL: https://objective-see.com/blog/blog_0x0E.html
Title: documented

Search URL Search Domain Scan URL

URL: https://www.pcrisk.com/removal-guides/15842-pirrit-adware-mac
Title: Pirrit

Search URL Search Domain Scan URL

URL: https://www.pcrisk.com/removal-guides/19782-gosearch22-virus-mac
Title: GoSearch22

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html&text=First%20Malware%20Designed%20for%20Apple%20M1%20Chip%20Discovered%20in%20the%20Wild&via=TheHackersNews
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html
Title: 

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html&t=First%20Malware%20Designed%20for%20Apple%20M1%20Chip%20Discovered%20in%20the%20Wild
Title: Share on Hacker News

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=First%20Malware%20Designed%20for%20Apple%20M1%20Chip%20Discovered%20in%20the%20Wild%20%E2%80%94%20https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html
Title: Share on WhatsApp

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html&text=First%20Malware%20Designed%20for%20Apple%20M1%20Chip%20Discovered%20in%20the%20Wild
Title: Share on Telegram

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjst8GeeEvE1ju2Vvn8iWXgyjOiiKk2G0oam85klu4l0aOlaQqC-gxi5y2vlu5StQbP_-0xoHINEztup6r2pHibbTiHAUVp9whBcKkc0VaaI-SGV_NmIvNOZxCZbbkuT2d8RqAf1zmssPu-hDp3mXB3IOnl4rqKtKktS_l09HMUrC-oa01UoEy8joXy-lJ7vNqbTF77-MaC8&sig=Cg0ArKJSzKc6mTV0jVss&urlfix=1&adurl=https://d.agkn.com/pixel/2389/%3Fche%3D3589390598%26col%3D24935727,5936378,292494536,486197547,144332637%26l0%3Dhttp://att.demdex.net/event%3Fd_event%3Dclick%26d_src%3D127123%26d_adsrc%3D6141273%26d_campaign%3D24935727%26d_placement%3D292494536%26d_site%3D5936378%26d_creative%3D144332637%26d_adgroup%3D486197547%26d_rd%3Dhttps://cybersecurity.att.com/resource-center/white-papers/cybersecurity-insights-report-tenth-edition%253Futm_medium%253DAdvertising%2526utm_source%253Dthn%2526utm_campaign%253DSOC-eBook%2526source%253DEBBrHNAVT00AvtDyO%2526type%253Ddisplay%2526LNS%253DTP_OT_MLT_DSP_0720%2526gcm_uid%253D0%2526dclid%253D%2525edclid!

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstHokbFDq6BhFNB6w_XUYKlXIeqA8NUaF7SkdJD-0j9ZQ-n_ZbXO4YB29lEYc1jSpwDjxrC4Um3M5n2CJzf-tPS--s3WkSkJYklLxINxVRWsvFo78LFM3nJ_QhkMUdlfnfNHJ6c8gPUKUsphYxD2OADEJlVc1hkP1cUhB_C24l8d-gW0vQxocSFnLZ7KOpBpG58NaXgXNo&sig=Cg0ArKJSzKNuw9v853Yu&urlfix=1&adurl=https://d.agkn.com/pixel/2389/%3Fche%3D778830019%26col%3D24935727,5936378,292495514,485910716,144332127%26l0%3Dhttp://att.demdex.net/event%3Fd_event%3Dclick%26d_src%3D127123%26d_adsrc%3D6141273%26d_campaign%3D24935727%26d_placement%3D292495514%26d_site%3D5936378%26d_creative%3D144332127%26d_adgroup%3D485910716%26d_rd%3Dhttps://cybersecurity.att.com/resource-center/white-papers/cybersecurity-insights-report-tenth-edition%253Futm_medium%253DAdvertising%2526utm_source%253Dthn%2526utm_campaign%253DSOC-eBook%2526source%253DEBBrHNAVT00AvtDyO%2526type%253Ddisplay%2526LNS%253DTP_OT_MLT_DSP_0720%2526gcm_uid%253D0%2526dclid%253D%2525edclid!

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-2019-ethical-hacker-masterclass-bundle
Title: <img alt='Learn Ethical Hacking Online' class='deal-link' src='https://thehackernews.com/images/-6bFLF28Wvxc/XHaUg588fBI/AAAAAAAAAGU/USPKfrcXaLgzaOBfKGb92v-0T12CIaK9wCLcBGAs/s260-e100/learn-hacking-training.jpg'/> Ethical Hacking - Practical Training 10 courses + 1,236 lessons on latest techniques, forensics, malware analysis, network security and programming.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/lifetime-access-to-stackskills-unlimited
Title: <img alt='Unlimited Secure VPN Service' class='deal-link' src='https://thehackernews.com/images/-NnUk1eJVmVk/XHggwOYT51I/AAAAAAAAzbg/_5sUNHfsdiYDo-si4rya7tVT4pSZI0qSACLcBGAs/s260-e100/unlimited-vpn.jpg'/> 1000+ Premium Online Courses With course certification, Q/A webinars and lifetime access.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-cybersecurity-expert-certification-training-bundle
Title: <img alt='Best Hacking Books' class='deal-link' src='https://thehackernews.com/images/-4fAuruXOrkE/XDW4dE5zVMI/AAAAAAAAy9A/K13EeHK67NM69FUaCYDYtunHofUHjtt4wCLcBGAs/s260-e100/hacking-cybersecurity-books.jpg'/> Cybersecurity Certification Training CISA, CISM, CISSP, PMI-RMP, and COBIT 5 certifications.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/sales/the-complete-2020-comptia-certification-training-bundle
Title: <img alt='Cisco Certification Courses' class='deal-link' src='https://thehackernews.com/images/-2nVCe__qYkc/WxVG9s8C7CI/AAAAAAAAw6Q/fFsdOSE-DEYDqqf3z9KWus0oBWdbzAkAgCLcBGAs/s260-e100/cisco-it-networking-certification.png'/> CompTIA IT Certification Training Lifetime access to 14 expert-led courses.

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/citizengoods-exclusives
Title: Exclusives

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/hacking
Title: Hacking

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/shop-by-specialization-developer
Title: Development

Search URL Search Domain Scan URL

URL: https://deals.thehackernews.com/collections/shop-by-interest-android
Title: Android

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.acronis.online/u/nrd.php?p=MPkBbiuqhJ_57951_2683112_1_9&ems_l=3895902&i=1&d=MTc1MTMwNzcz%7CTVBrQmJpdXFoSg%3D%3D%7CMjAyMS0wMi0yNisxNiUzQTAwJTNBMDA%3D%7CTkwtMjAyMS0wMi11cy1zZy1zYS1pbC1tZS1ta3RvLWV0LXRyaWFscw%3D%3D%7C%7CYTFjOGNkYzRiZGNlMjhhNjE%3D%7C Page URL
https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://att.demdex.net/event?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332637&d_placement=292494536&d_campaign=24935727&d_site=5936378 HTTP 302
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332637&d_placement=292494536&d_campaign=24935727&d_site=5936378

Request Chain 133

https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent= HTTP 302
https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=

129 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK nrd.php Show response
link.acronis.online/u/ 1 KB
862 B 375ms
205ms Document
text/html 217.175.192.22
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://link.acronis.online/u/nrd.php?p=MPkBbiuqhJ_57951_2683112_1_9&ems_l=3895902&i=1&d=MTc1MTMwNzcz%7CTVBrQmJpdXFoSg%3D%3D%7CMjAyMS0wMi0yNisxNiUzQTAwJTNBMDA%3D%7CTkwtMjAyMS0wMi11cy1zZy1zYS1pbC1tZS1ta3RvLWV0LXRyaWFscw%3D%3D%7C%7CYTFjOGNkYzRiZGNlMjhhNjE%3D%7C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.175.192.22 , Austria, ASN1764 (NEXTLAYER-AS, AT),

Reverse DNS

Software

Apache /

Resource Hash

a3e7972d50eeb5bc2bf543b00efb4bb60922d7d427067608905bf0aef0a78402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: link.acronis.online
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:22 GMT
server: Apache
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
content-encoding: gzip
x-af: suite17-web3
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 484
content-type: text/html; charset=utf-8
x-hf: suite-haproxy01d

GET
H2 200 Primary Request first-malware-designed-for-apple-m1.html Show response
thehackernews.com/2021/02/ 118 KB
42 KB 639ms
622ms Document
text/html 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordPress VIP

Resource Hash

fbb2434c34b639134a2ea1f493d5c1b62bc961ebee149918cc57978d6343387c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: thehackernews.com
:scheme: https
:path: /2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://link.acronis.online/u/nrd.php?p=MPkBbiuqhJ_57951_2683112_1_9&ems_l=3895902&i=1&d=MTc1MTMwNzcz%7CTVBrQmJpdXFoSg%3D%3D%7CMjAyMS0wMi0yNisxNiUzQTAwJTNBMDA%3D%7CTkwtMjAyMS0wMi11cy1zZy1zYS1pbC1tZS1ta3RvLWV0LXRyaWFscw%3D%3D%7C%7CYTFjOGNkYzRiZGNlMjhhNjE%3D%7C
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://link.acronis.online/u/nrd.php?p=MPkBbiuqhJ_57951_2683112_1_9&ems_l=3895902&i=1&d=MTc1MTMwNzcz%7CTVBrQmJpdXFoSg%3D%3D%7CMjAyMS0wMi0yNisxNiUzQTAwJTNBMDA%3D%7CTkwtMjAyMS0wMi11cy1zZy1zYS1pbC1tZS1ta3RvLWV0LXRyaWFscw%3D%3D%7C%7CYTFjOGNkYzRiZGNlMjhhNjE%3D%7C

Response headers

date: Sat, 27 Feb 2021 05:25:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6257e7f6ec2784baf237f186c81644241614403522; expires=Mon, 29-Mar-21 05:25:22 GMT; path=/; domain=.thehackernews.com; HttpOnly; SameSite=Lax; Secure
cf-ray: 627f7c20fd529808-FRA
cache-control: private, max-age=0
expires: Sat, 27 Feb 2021 05:25:23 GMT
last-modified: Fri, 26 Feb 2021 21:34:16 GMT
link: </css/roboto.css>; as=style; rel=preload
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 08838be89d000098089c249000000001
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: WordPress VIP
x-xss-protection: 1; mode=block
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GNnQ%2BnKj%2Fkkq4Zhsf8e0OfZp%2FchOB%2F99XrC4sDcRWR3P17c35hiep4Kwh%2FyW7jSUjl1R%2FOMOfnKqv%2BfPzcGppVT3h8BlZWdzzKseCRgamyRrzM1CJ2%2Ft2wuulI5Qog%3D%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </css/roboto.css>

GET
H2 200 roboto.css
thehackernews.com/css/ 77 KB
58 KB 10ms
0ms Stylesheet
text/css 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehackernews.com/css/roboto.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lR7A1z91rTapdBJUIvYRcD%2FbA9dYXUzQflAnPn%2BmFeBKBEcEL6K8N3HHV%2FH5GKirybb8FBi0qHjGAXX6DitE%2B5VNTU8%2Bbctrgj5lGrRWAHoZRQzlSxBccE3sVBkH%2Bg%3D%3D"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, immutable
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 627f7c24dde39808-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08838beb0600009808930f0000000001

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ 5 KB
3 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: thehackernews.com
URL: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46692916c4ed38bcfb441a383fb3e958e5a88be22b82e505a6db06e9d5be6117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 17:29:32 GMT
server: sffe
age: 1485
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2587
x-xss-protection: 0
expires: Sat, 27 Feb 2021 06:00:38 GMT

GET
H2 200 apple-m1-malware.jpg
thehackernews.com/images/-tt_X2F77YpE/YC4-sdRLhxI/AAAAAAAAB0I/X1gp2IO8mUUMnFcRNIoUdwMbZI27VL80ACLcBGAsYHQ/s0/ 56 KB
56 KB 29ms
28ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-tt_X2F77YpE/YC4-sdRLhxI/AAAAAAAAB0I/X1gp2IO8mUUMnFcRNIoUdwMbZI27VL80ACLcBGAsYHQ/s0/apple-m1-malware.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac82ef6e754c2cc7414f9e5eb7fc731ac2d95e632ab29f28394a5e7ab885f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 77729
cf-polished: origSize=59924, status=webp_bigger
content-disposition: inline;filename="apple-m1-malware.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56975
x-xss-protection: 0
expires: Tue, 23 Feb 2021 13:26:12 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v743"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NseLe8BZibQhxYIIrLczci8H8ZK9FHgFIuSPL%2F0izVMenM91fgUL%2FDNJe%2BVleHG%2BlLFbQSCfd012zS%2FJxiTGKZXE0Ve0gKkV5X3QIk1av56jVfZIpzrdui15U8QRDg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 08838beb2200009808b19a5000000001
accept-ranges: bytes
cf-ray: 627f7c250dea9808-FRA
access-control-expose-headers: Content-Length

GET
H2 200 mac0s-malware.jpg
thehackernews.com/images/-elvYzIjRKbo/YC49jgE-SgI/AAAAAAAABz8/bsN84pcrgYIATVMCyD33jjFE2VzXWyfYgCLcBGAsYHQ/s728-e1000/ 22 KB
22 KB 30ms
29ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-elvYzIjRKbo/YC49jgE-SgI/AAAAAAAABz8/bsN84pcrgYIATVMCyD33jjFE2VzXWyfYgCLcBGAsYHQ/s728-e1000/mac0s-malware.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

633b9a7b81352810adc0d65fd98e1fc4dfcfe77fad4a2b46bfa3b690f64831ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 76011
cf-polished: origSize=25178, status=webp_bigger
content-disposition: inline;filename="mac0s-malware.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22359
x-xss-protection: 0
expires: Wed, 15 Nov 2023 10:25:33 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wJaKlJMlR6XxFyQ3FnGVa%2BZDOCZFC3vGmmpvCrHeWWdQYrO8r9qszRZC0eaojsouQ%2FjLrYXsL8yj9M3EisK%2BPS81c5ABuSUuHtUALJ2C3aVibhK6Sg93DA0Y5pEcOw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 08838beb2300009808988cf000000001
accept-ranges: bytes
cf-ray: 627f7c250dec9808-FRA
access-control-expose-headers: Content-Length

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ 2 KB
2 KB 20ms
7ms Script
application/javascript 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292494536%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8d6487dc2599772b6ccb8ed3c214aefeddf16e73d868abb94f2223c133af06d0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 05:25:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 16 Aug 2020 05:50:11 GMT
Server: Microsoft-IIS/10.0
ETag: "ec21f1b9173d61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ 2 KB
2 KB 18ms
6ms Script
application/javascript 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292495514%26sid%3D5936378%26dvregion%3D2%26unit%3D728x90
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8d6487dc2599772b6ccb8ed3c214aefeddf16e73d868abb94f2223c133af06d0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 05:25:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 16 Aug 2020 05:50:11 GMT
Server: Microsoft-IIS/10.0
ETag: "ec21f1b9173d61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 26ms
8ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 08838beb3a00004e80cb88f000000001
last-modified: Thu, 18 Feb 2021 13:46:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"602e6fce-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DCZxATHX3PHF8Ji0CTyXGPbGFszZcZsF1tbhcz%2BaZnmBxCVo%2BRY2IuJTjKZZEH4IJ6AvzbG9SdvhkYowjlkbiUSz%2FiQI%2BqMByeKMm0VRVmIroIeBJwiUpHNCh%2F4MbITo"}]}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 627f7c252f024e80-FRA
expires: Mon, 01 Mar 2021 05:25:23 GMT

GET
H3-Q050 200 impl_v68.js Show response
www.googletagservices.com/dcm/ 36 KB
15 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v68.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 22 Feb 2021 17:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Feb 2021 15:22:11 GMT
server: sffe
age: 390286
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15248
x-xss-protection: 0
expires: Tue, 22 Feb 2022 17:00:37 GMT

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32c80a55d06b9da550f41424241174895bdbe1dd174ee1d015a4d56747cd2a99

Request headers

Origin: https://thehackernews.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a

Request headers

Origin: https://thehackernews.com
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f03c3526dd6db1c340c972db0194f8b732611626e1bcde62426d70a68c7a023b

Request headers

Origin: https://thehackernews.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 B24029648.272043563;dc_ver=68.195;sz=728x90;u_sd=1;dc_adk=4037400832;ord=1bv8k8;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683... Show response
ad.doubleclick.net/ddm/adj/N510001.3381407THEHACKERNEWS/ 36 KB
16 KB 150ms
66ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N510001.3381407THEHACKERNEWS/B24029648.272043563;dc_ver=68.195;sz=728x90;u_sd=1;dc_adk=4037400832;ord=1bv8k8;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61$0;xdt=0;crlt=Fvz-tslNaX;sttr=267;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

1ebad887a7f6076781307895d6c84a7534f5a7d2cdd3b31fd8fc8f049ff3a108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16102
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ 111 KB
39 KB 38ms
5ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: link.acronis.online
URL: https://link.acronis.online/u/nrd.php?p=MPkBbiuqhJ_57951_2683112_1_9&ems_l=3895902&i=1&d=MTc1MTMwNzcz%7CTVBrQmJpdXFoSg%3D%3D%7CMjAyMS0wMi0yNisxNiUzQTAwJTNBMDA%3D%7CTkwtMjAyMS0wMi11cy1zZy1zYS1pbC1tZS1ta3RvLWV0LXRyaWFscw%3D%3D%7C%7CYTFjOGNkYzRiZGNlMjhhNjE%3D%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thehackernews.com
Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 14:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52603
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Feb 2021 14:48:40 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/ 9 KB
4 KB 38ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N510001.3381407THEHACKERNEWS/B24029648.272043563;dc_ver=68.195;sz=728x90;u_sd=1;dc_adk=4037400832;ord=1bv8k8;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61$0;xdt=0;crlt=Fvz-tslNaX;sttr=267;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4b3a2a3d13b57f07aa855cf974c90cad593a53ac0f53cdc58d5f49c91eb2092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3412
x-xss-protection: 0
server: cafe
etag: 11901405240610023202
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Mar 2021 05:24:38 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ 41 KB
15 KB 37ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 18:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40052
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 18:17:51 GMT

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe94fcc14c2b9f93c39cbe038796bff0ebc07a140ebd15e66b3a897b6a25bc82

Request headers

Origin: https://thehackernews.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 442 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvbs_src_internal79.js Show response
cdn.doubleverify.com/ 53 KB
17 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292494536%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 40adb937145b21abf0b1dde7dfa4d0a80be21ce7bf7d4f85ca944022a23c6785

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 27 Feb 2021 05:25:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 16 Aug 2020 05:50:23 GMT
Server: Microsoft-IIS/10.0
ETag: "8039e3219173d61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16756

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D0A9 22 KB
9 KB 35ms
22ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Feb 2021 18:17:52 GMT
expires: Sat, 26 Feb 2022 18:17:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 40051
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 107 KB
33 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Sat, 27 Feb 2021 05:25:23 GMT

GET
H3-Q050 200 Gartner-Oct2020-728x90.html Show response
s0.2mdn.net/8532760/1604331588775/728x90/ Frame 2A3C 6 KB
3 KB 36ms
20ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8532760/1604331588775/728x90/Gartner-Oct2020-728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8281f97a76006daca6af61a6520da862a0431fe89315aec52cb3954090a51ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /8532760/1604331588775/728x90/Gartner-Oct2020-728x90.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2352
date: Fri, 26 Feb 2021 05:29:18 GMT
expires: Sat, 27 Feb 2021 05:29:18 GMT
last-modified: Mon, 02 Nov 2020 15:39:48 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 86166
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
437 B 135ms
48ms Other
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyjulWzRp3JSMzvZL7pPC0tkhgYNGIinfwaHlITeAn2SyVOR60Wnn7nss9gnSezhO6YTn3YI_pzXRfnrByLhvL6Avig1ko3zTYyxt3artiK7fwQ_kZRQH7Y7EjcFm8&sig=Cg0ArKJSzPaR9zLM1m5sEAE&urlfix=1&omid=0&rm=1&ctpt=152&cbvp=1&cstd=148&cisv=r20210224.16776&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame FDA4 1 KB
1 KB 21ms
6ms Document
text/html 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=75145
Date: Sat, 27 Feb 2021 05:25:24 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ 1 KB
916 B 146ms
48ms Script
text/javascript 213.254.244.15
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_392382541071&jsTagObjCallback=__tagObject_callback_392382541071&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=392382541071&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dup=null&brid=0&brver=&bridua=3&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&aUrlD=&m1=13&noc=16&fcifrms=3&brh=2&fwc=0&flt=1&fec=398&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=128&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_aTau7%3ACDE%5C%3E2%3DH2C6%5C56D%3A8%3F65%5C7%40C%5C2AA%3D6%5C%3E%60%5D9E%3E%3DTbuD40DC4Tbs6%3E2%3A%3D0aegb%60%60aTaeD40%3D%3A5Tbs%60fd%60b_ffbTaeD40F%3A5Tbs%7C!%3Cq3%3AFB9yTaeD40%3D%3D%3A5Tbsdfhd%60TaeFE%3E042%3EA2%3A8%3FTbsa_a%60%5C_a%5CaeTaq%60eTadbp__Tadbp__%5C%7D%7B%5Ca_a%60%5C_a%5CFD%5CD8%5CD2%5C%3A%3D%5C%3E6%5C%3E%3CE%40%5C6E%5CEC%3A2%3DDTaeFE%3E0D%40FC46Tbs6%3E2%3A%3DTaeFE%3E0%3E65%3AF%3ETbs6%3E2%3A%3DTaeD404FDE%40%3E6CTbsTaeD4069Tbs2%604g454c3546ag2e%60U2%26C%3Dl
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d7bc4f16e85842b6cb7d37d0deca1c19076337deed9a719f8ac1618fb62a4bd7

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
X-DV-Response: 0
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Date: Sat, 27 Feb 2021 05:25:23 GMT
Expires: 2/26/2021 5:25:24 AM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 3131 4 KB
2 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: link.acronis.online
URL: https://link.acronis.online/u/nrd.php?p=MPkBbiuqhJ_57951_2683112_1_9&ems_l=3895902&i=1&d=MTc1MTMwNzcz%7CTVBrQmJpdXFoSg%3D%3D%7CMjAyMS0wMi0yNisxNiUzQTAwJTNBMDA%3D%7CTkwtMjAyMS0wMi11cy1zZy1zYS1pbC1tZS1ta3RvLWV0LXRyaWFscw%3D%3D%7C%7CYTFjOGNkYzRiZGNlMjhhNjE%3D%7C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 05:25:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=13730
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H3-Q050 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2A3C 186 KB
48 KB 28ms
19ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8532760/1604331588775/728x90/Gartner-Oct2020-728x90.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8532760/1604331588775/728x90/Gartner-Oct2020-728x90.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Feb 2021 05:25:24 GMT

GET
H3-Q050 200 Gartner-Oct2020-728x90.js Show response
s0.2mdn.net/8532760/1604331588775/728x90/ Frame 2A3C 143 KB
19 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8532760/1604331588775/728x90/Gartner-Oct2020-728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8532760/1604331588775/728x90/Gartner-Oct2020-728x90.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d7a1391ed3d30024786bd6a6b03b10fe4ed9a2a636719d430143e55161b4266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8532760/1604331588775/728x90/Gartner-Oct2020-728x90.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 22:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25805
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19121
x-xss-protection: 0
last-modified: Mon, 02 Nov 2020 15:39:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 27 Feb 2021 22:15:19 GMT

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
pagead2.googlesyndication.com/bg/ Frame D0A9 14 KB
6 KB 34ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 129180
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Fri, 25 Feb 2022 17:32:24 GMT

GET
H3-Q050 200 FlashAICBAssets.png
s0.2mdn.net/8532760/1604331588775/728x90/images/ Frame 2A3C 86 KB
86 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8532760/1604331588775/728x90/images/FlashAICBAssets.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea03b7e6fd91c6e179315d87523caf430b5680d9c5a37890fc4eff5bbde184e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8532760/1604331588775/728x90/Gartner-Oct2020-728x90.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 08:49:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 15:39:49 GMT
server: sffe
age: 74139
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88287
x-xss-protection: 0
expires: Sat, 27 Feb 2021 08:49:45 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ 0
424 B 143ms
47ms Other
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ 807 B
1 KB 134ms
44ms Image
image/gif 213.254.244.15
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=5e2ac84502ce40348a50ebffa4aea94b&dvp_or2=1&cbust=1614403524162595
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 2/26/2021 5:25:24 AM

GET
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ 807 B
1 KB 135ms
45ms Image
image/gif 213.254.244.15
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=5e2ac84502ce40348a50ebffa4aea94b&vfdur=147&cbust=1614403524162567
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 2/26/2021 5:25:24 AM

GET
H3-Q050 200 B24935727.292494536;dc_ver=68.195;sz=300x250;u_sd=1;u=__AP1_np_dv_90d7z04l1voPA__;dc_adk=2533488392;ord=lj76jm;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-appl... Show response
ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/ 31 KB
16 KB 124ms
79ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=68.195;sz=300x250;u_sd=1;u=__AP1_np_dv_90d7z04l1voPA__;dc_adk=2533488392;ord=lj76jm;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61$0;xdt=0;crlt=Fvz-tslNaX;sttr=1;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v68.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

63be1bc0d7121438a70b91563e021cc1d6dab42d22e93d2569861de6d6c8768e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15953
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gartner.png
s0.2mdn.net/8532760/1604331588775/728x90/images/ Frame 2A3C 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8532760/1604331588775/728x90/images/gartner.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c68598dc07e2b0b2210a69fe0c7776257b7e63468f354a4260bf7c92a9bed148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8532760/1604331588775/728x90/Gartner-Oct2020-728x90.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 08:49:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 15:39:48 GMT
server: sffe
age: 74139
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2741
x-xss-protection: 0
expires: Sat, 27 Feb 2021 08:49:45 GMT

GET
H3-Q050 200 MIMETMsm.png
s0.2mdn.net/8532760/1604331588775/728x90/images/ Frame 2A3C 13 KB
13 KB 8ms
6ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8532760/1604331588775/728x90/images/MIMETMsm.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c6a18b22a83fa93e8c85c67e4adbcdcabee898093e655ea7b5e2257dbe9191d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8532760/1604331588775/728x90/Gartner-Oct2020-728x90.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 02:20:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 15:39:49 GMT
server: sffe
age: 11091
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13461
x-xss-protection: 0
expires: Sun, 28 Feb 2021 02:20:33 GMT

GET
H3-Q050 200 shdw728x90.png
s0.2mdn.net/8532760/1604331588775/728x90/images/ Frame 2A3C 13 KB
13 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8532760/1604331588775/728x90/images/shdw728x90.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e7c07bacee2fbb7e0ed86b9c618631d00003f742a28efb49dc809a166992dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8532760/1604331588775/728x90/Gartner-Oct2020-728x90.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 02:20:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 15:39:48 GMT
server: sffe
age: 11090
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13337
x-xss-protection: 0
expires: Sun, 28 Feb 2021 02:20:34 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ 0
22 B 48ms
47ms Other
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslifTNAKzV9w5VbxDnz9xJnVeuPMmhKEzHRQTAxsfnLyDMV23y36xIsyvH3CGBiSFIM-2C6sqDNu1yPsU2qvob1oXNMvEyXNXk2KtCMtGzHe9CGXIu84ykvM9DA1HXPM35dNWliZB8-OY4DdN6Zg6y6uKDYMBHXKwbHFKJGaf1&sig=Cg0ArKJSzJtFyIaJifRxEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210224.83029&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=68.195;sz=300x250;u_sd=1;u=__AP1_np_dv_90d7z04l1voPA__;dc_adk=2533488392;ord=lj76jm;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61$0;xdt=0;crlt=Fvz-tslNaX;sttr=1;prcl=s

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ca Show response
choices.truste.com/ 28 KB
9 KB 193ms
66ms Script
text/javascript 65.9.187.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_144332637_292494536&js=st0
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=68.195;sz=300x250;u_sd=1;u=__AP1_np_dv_90d7z04l1voPA__;dc_adk=2533488392;ord=lj76jm;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61$0;xdt=0;crlt=Fvz-tslNaX;sttr=1;prcl=s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.187.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 340c7ab919ef73763dba8fb069eff888766892ee21be0023f97908a7e087b7e2

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 01:46:32 GMT
content-encoding: gzip
server: nginx
age: 13132
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 f857c6fa23ed7b2d0b237aefe9c50960.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: n-7a6t4l0UTRYle46DIkR7C3hPvdaoF0itxJZsLYWdLj2hT_W62uFw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ 7 KB
4 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=607671&cmp=24935727&sid=5936378&plc=292494536&num=&adid=&advid=6141273&adsrv=1&region=30&btreg=486197547&btadsrv=doubleclick&crt=144332637&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src&dvp_att_uid=__AP1_np_dv_90d7z04l1voPA__
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292494536;dc_ver=68.195;sz=300x250;u_sd=1;u=__AP1_np_dv_90d7z04l1voPA__;dc_adk=2533488392;ord=lj76jm;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61$0;xdt=0;crlt=Fvz-tslNaX;sttr=1;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 85dfa91c770fb65bcac7572380ee5599fba69e3315830cb9a6f177b8287b04e6

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 05:25:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 15:17:46 GMT
Server: Microsoft-IIS/10.0
ETag: "354c565f89bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3552

GET
H3-Q050 200 I_ABU_AVT_3_STB_MOB_300x250_S_N_EN_NA_ABS_AVT_TenthEdition_NA_NA_01-08_01_MF.jpg
s0.2mdn.net/6141273/ 131 KB
131 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6141273/I_ABU_AVT_3_STB_MOB_300x250_S_N_EN_NA_ABS_AVT_TenthEdition_NA_NA_01-08_01_MF.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2842ab20cc17cb61e32799c8cff642f37a20a933b12f678628b4666c0311f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 14:13:07 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Jan 2021 23:43:35 GMT
server: sffe
age: 54737
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133793
x-xss-protection: 0
expires: Sat, 27 Feb 2021 14:13:07 GMT

GET
H/1.1

200
OK

firstevent
att.demdex.net/
Redirect Chain

https://att.demdex.net/event?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332637&d_placement=292494536&d_campaign=24935727&d_site=5936378
https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332637&d_placement=292494536&d_campaign=24935727&d_site=5936378

42 B
915 B

64ms
64ms

Image
image/gif

52.212.209.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332637&d_placement=292494536&d_campaign=24935727&d_site=5936378

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-209-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-09a7601cb.edge-irl1.demdex.com 5.80.6.20210202104731 4ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: BpQ/yaAlQ9A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: OP/DXKHyQ6A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://att.demdex.net/firstevent?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332637&d_placement=292494536&d_campaign=24935727&d_site=5936378
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK /
d.agkn.com/pixel/2387/ 43 B
660 B 208ms
51ms Image
image/gif 18.195.77.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/2387/?ct=PL&st=&city=10946&dma=0&zp=&bw=3&che=3589390598&col=24935727,5936378,292494536,486197547,144332637
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.77.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-77-77.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:23 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D25C 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Feb 2021 18:17:52 GMT
expires: Sat, 26 Feb 2022 18:17:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 40052
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame 4839 1 KB
1 KB 6ms
6ms Document
text/html 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=75145
Date: Sat, 27 Feb 2021 05:25:24 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ 1 KB
916 B 49ms
49ms Script
text/javascript 213.254.244.15
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_116617376945&jsTagObjCallback=__tagObject_callback_116617376945&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=116617376945&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dup=null&brid=0&brver=&bridua=3&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&aUrlD=&m1=13&noc=16&fcifrms=6&brh=2&fwc=0&flt=1&fec=485&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=128&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_aTau7%3ACDE%5C%3E2%3DH2C6%5C56D%3A8%3F65%5C7%40C%5C2AA%3D6%5C%3E%60%5D9E%3E%3DTbuD40DC4Tbs6%3E2%3A%3D0aegb%60%60aTaeD40%3D%3A5Tbs%60fd%60b_ffbTaeD40F%3A5Tbs%7C!%3Cq3%3AFB9yTaeD40%3D%3D%3A5Tbsdfhd%60TaeFE%3E042%3EA2%3A8%3FTbsa_a%60%5C_a%5CaeTaq%60eTadbp__Tadbp__%5C%7D%7B%5Ca_a%60%5C_a%5CFD%5CD8%5CD2%5C%3A%3D%5C%3E6%5C%3E%3CE%40%5C6E%5CEC%3A2%3DDTaeFE%3E0D%40FC46Tbs6%3E2%3A%3DTaeFE%3E0%3E65%3AF%3ETbs6%3E2%3A%3DTaeD404FDE%40%3E6CTbsTaeD4069Tbs2%604g454c3546ag2e%60U2%26C%3Dl
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: a08b2468a64f2f705bae432f3ff0070d9c1ae3c8a2b2a1c0c3e8b9e1d62f76ed

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
X-DV-Response: 0
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Date: Sat, 27 Feb 2021 05:25:23 GMT
Expires: 2/26/2021 5:25:24 AM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 97C4 4 KB
2 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: link.acronis.online
URL: https://link.acronis.online/u/nrd.php?p=MPkBbiuqhJ_57951_2683112_1_9&ems_l=3895902&i=1&d=MTc1MTMwNzcz%7CTVBrQmJpdXFoSg%3D%3D%7CMjAyMS0wMi0yNisxNiUzQTAwJTNBMDA%3D%7CTkwtMjAyMS0wMi11cy1zZy1zYS1pbC1tZS1ta3RvLWV0LXRyaWFscw%3D%3D%7C%7CYTFjOGNkYzRiZGNlMjhhNjE%3D%7C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 05:25:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=13730
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H/1.1 200
OK dv-measurements991.js Show response
cdn.doubleverify.com/ Frame B5D9 461 KB
85 KB 17ms
16ms Script
application/javascript 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements991.js
Requested by: Host: link.acronis.online
URL: https://link.acronis.online/u/nrd.php?p=MPkBbiuqhJ_57951_2683112_1_9&ems_l=3895902&i=1&d=MTc1MTMwNzcz%7CTVBrQmJpdXFoSg%3D%3D%7CMjAyMS0wMi0yNisxNiUzQTAwJTNBMDA%3D%7CTkwtMjAyMS0wMi11cy1zZy1zYS1pbC1tZS1ta3RvLWV0LXRyaWFscw%3D%3D%7C%7CYTFjOGNkYzRiZGNlMjhhNjE%3D%7C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6eefcba6d0b51a5940e1a3b2fab08f71a653129b41da356a2e9b0c053acf0b16

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 05:25:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 15:16:28 GMT
Server: Microsoft-IIS/10.0
ETag: "02e81dbf69d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946090800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86831

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ 0
22 B 47ms
47ms Other
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D0A9 0
224 B 28ms
28ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Budkaw9c5YM_MLviL7_UPhJaDsAcAAAAAOAHgBAI&bg=!-vml-brNAAXB_3NtwTsAKQB2-DxarsSGdVxWaPx6dQ7OcLXGUETA7eqUGk5EMbtQchwmaw9pVMVMAgAAAKdSAAAAPWgBBwoAnwrGfoVYTaghzcdcosysujey-tty_eT1HF2GW9SjtO_17nAcSmIN0KlctgWqLPHpqT1iyJw_CrXfbdf-5cRZM_u2xD0gBc6spffoM6mD58IqZ0_T4RZLzGZZRQ2I8Pfby2i2pdsPN4Ut2dLIsuSxa8YTUrAr1BmasEA_ppq0hBmHSYj5L1qgdxkJSb1aNS9VCL8bMlsJ9UB5HP0gw9gBi5kCK3aJOfeZ_pqJPfxxpR2rXuV0lt4hMnZFYzlcfYZocFjCnZaaVP4XA4TjSvICrpXIuCRp3W7jV-S5-9uWVS4EuooY4f0a_erLquvx1z8ctB0L5UOAUp-Ly2L6S6iwnPj-50NWVTOr_608Jp5yIK-wGp6Z3A97F2CcK67YIwX6bThxcLfoRF8nMEaTauCBAjixuzbyqDQGqfGoR66sDOC8lKu-2WDQlLwYvDDxBotq6CaI-UGGUS-MuDbXt6ktx_KHLNBIIlx8Vf68XNorCJXX1efthyDyMdTAiRKPeihSBlvK-NJyp0BbZ5mFMVYwA-cCohP_7LaZDA3KJupRcBYORJuJZy0vSXPBVazAbZ4GD_GvXandFgZjqm33t9HI6BQ11vrerwXwwSo1AwRlQrWP8Yak3vplKlbL0QhQa4qZAepTK1wIhwgXE64TpZGnIallcmFQgrlEsZ2X9ruIhjAhpgoOG2T09rmMc6TOoJY4aYMz-BlHzYvsbkmH7iA0QIjR7tTAux5j1HLf0nNVwECoLmakYMhCN2WEa7Yr9nFYFspvBS4n0z2MJnHO11f4xbbCwqHPHZqpxDPxdAVm9uEXIuQPy_LV2aQCIV7ithG9uryycQUljRxbWJ2dr7mMCpQRrAbO0280m7vQiZQ04d_tfHsz2upCvH5UUf4W0QGvXD6WV6uNhVzSLsONDy-M2j1kBU5nxB_OaUhfuxXUlyVLkwKRHCmD4WLpcA-M3w

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
pagead2.googlesyndication.com/bg/ Frame D25C 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 129180
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Fri, 25 Feb 2022 17:32:24 GMT

GET
H/1.1 200
OK t2tv7.html Show response
cdn.doubleverify.com/ Frame 0510 12 KB
4 KB 7ms
7ms Document
text/html 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991

Request headers

Host: cdn.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Last-Modified: Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges: bytes
ETag: "0ba3b8f4cdcf1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3877
Date: Sat, 27 Feb 2021 05:25:24 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame B5D9 3 KB
2 KB 138ms
48ms Script
text/javascript 213.254.244.12
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?bridua=3&tstype=1&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_aTau7%3ACDE%5C%3E2%3DH2C6%5C56D%3A8%3F65%5C7%40C%5C2AA%3D6%5C%3E%60%5D9E%3E%3DTbuD40DC4Tbs6%3E2%3A%3D0aegb%60%60aTaeD40%3D%3A5Tbs%60fd%60b_ffbTaeD40F%3A5Tbs%7C!%3Cq3%3AFB9yTaeD40%3D%3D%3A5Tbsdfhd%60TaeFE%3E042%3EA2%3A8%3FTbsa_a%60%5C_a%5CaeTaq%60eTadbp__Tadbp__%5C%7D%7B%5Ca_a%60%5C_a%5CFD%5CD8%5CD2%5C%3A%3D%5C%3E6%5C%3E%3CE%40%5C6E%5CEC%3A2%3DDTaeFE%3E0D%40FC46Tbs6%3E2%3A%3DTaeFE%3E0%3E65%3AF%3ETbs6%3E2%3A%3DTaeD404FDE%40%3E6CTbsTaeD4069Tbs2%604g454c3546ag2e%60&srcurlD=0&aUrlD=0&ssl=https:&dfs=1613&ddur=8&uid=1614403524460989&jsCallback=dvCallback_1614403524460857&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=991&tgjsver=991&lvvn=28&m1=13&refD=0&referrer=https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61&fwc=0&flt=1&fec=488&fcifrms=8&brh=2&dvp_epl=528&noc=16&ctx=607671&cmp=24935727&sid=5936378&plc=292494536&crt=144332637&btreg=486197547&btadsrv=doubleclick&adsrv=1&advid=6141273&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_att_uid=__AP1_np_dv_90d7z04l1voPA__&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=15483509735.664856&dvp_tukv=9903973288.485023&dvp_uuid=508005911.2647321&dvp_tuid=939555813175&dvp_slmsd=45&dvp_vcmsd=92
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3b69d494b9eeddcb47d238f5b283cdba5b9950d539f38597af73afea100d7412

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 2/26/2021 5:25:24 AM

GET
H/1.1 200
OK bsevent.gif
tps20512.doubleverify.com/ 807 B
1 KB 136ms
44ms Image
image/gif 213.254.244.12
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20512.doubleverify.com/bsevent.gif?impid=f6cb26d0028b4baeb1eca3bf634f2a69&dvp_or2=1&cbust=1614403524539998
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 2/26/2021 5:25:24 AM

GET
H/1.1 200
OK bsevent.gif
tps20512.doubleverify.com/ 807 B
1 KB 135ms
44ms Image
image/gif 213.254.244.12
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20512.doubleverify.com/bsevent.gif?impid=f6cb26d0028b4baeb1eca3bf634f2a69&vfdur=147&cbust=1614403524540447
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 2/26/2021 5:25:24 AM

GET
H3-Q050 200 B24935727.292495514;dc_ver=68.195;sz=728x90;u_sd=1;u=__AP1_np_dv_90d7z04l1voPA__;dc_adk=2575427987;ord=551bep;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple... Show response
ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/ 31 KB
16 KB 66ms
66ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=68.195;sz=728x90;u_sd=1;u=__AP1_np_dv_90d7z04l1voPA__;dc_adk=2575427987;ord=551bep;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61$0;xdt=0;crlt=Fvz-tslNaX;sttr=1;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v68.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

dcb5a04c97e3d2ed857eec3e85ce1c9d20c738c1936bbb1debe584c73fbaf99f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ 0
22 B 47ms
47ms Other
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBgbsjRmlsJYcZh5qdK6nok2J6Et7ya5D35mWbDuLyd-gs-fMj3jSY1wASIyuzNQy_Mq1VVpG_1ne8nx3_obMVCi_5PSubZtprLWA5mFKEt4WE2_MuGb7orKif3WrNr0kosFZ-xWBZcv5o7bWAycWxwB6yPHeJoNIzc5D3fJVI&sig=Cg0ArKJSzNyyZget56HqEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210224.43481&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=68.195;sz=728x90;u_sd=1;u=__AP1_np_dv_90d7z04l1voPA__;dc_adk=2575427987;ord=551bep;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61$0;xdt=0;crlt=Fvz-tslNaX;sttr=1;prcl=s

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ca Show response
choices.truste.com/ 28 KB
9 KB 68ms
66ms Script
text/javascript 65.9.187.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_144332127_292495514&js=st0
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=68.195;sz=728x90;u_sd=1;u=__AP1_np_dv_90d7z04l1voPA__;dc_adk=2575427987;ord=551bep;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61$0;xdt=0;crlt=Fvz-tslNaX;sttr=1;prcl=s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.187.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 436d34cac4b7e1737c57ec8ef04663658c3eeac2e4a6dd9a8157e81c580ae182

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 01:46:32 GMT
content-encoding: gzip
server: nginx
age: 13132
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 f857c6fa23ed7b2d0b237aefe9c50960.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: mI0bRjeS54d9m-p-Gruu9bbqzFVMLFLt81qEcneLIbW3QV8wd5fwUQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ 7 KB
3 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=607671&cmp=24935727&sid=5936378&plc=292495514&num=&adid=&advid=6141273&adsrv=1&region=30&btreg=485910716&btadsrv=doubleclick&crt=144332127&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src&dvp_att_uid=__AP1_np_dv_90d7z04l1voPA__
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N424004.3381407THEHACKERNEWS/B24935727.292495514;dc_ver=68.195;sz=728x90;u_sd=1;u=__AP1_np_dv_90d7z04l1voPA__;dc_adk=2575427987;ord=551bep;dc_rfl=0,https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61$0;xdt=0;crlt=Fvz-tslNaX;sttr=1;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 85dfa91c770fb65bcac7572380ee5599fba69e3315830cb9a6f177b8287b04e6

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 05:25:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 15:18:35 GMT
Server: Microsoft-IIS/10.0
ETag: "805777c89bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2979

GET
H3-Q050 200 I_ABU_AVT_3_STB_DTP_728x90_S_N_EN_NA_ABS_AVT_TenthEdition_NA_NA_01-08_01_MF.png
s0.2mdn.net/6141273/ 32 KB
33 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6141273/I_ABU_AVT_3_STB_DTP_728x90_S_N_EN_NA_ABS_AVT_TenthEdition_NA_NA_01-08_01_MF.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74703b7991fb1785f4a70639c48f071bc9881ef0a0c5671f46d0e985efb55373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 19:32:26 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Jan 2021 23:43:24 GMT
server: sffe
age: 35578
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33212
x-xss-protection: 0
expires: Sat, 27 Feb 2021 19:32:26 GMT

GET
H/1.1 200
OK /
d.agkn.com/pixel/2387/ 43 B
660 B 53ms
52ms Image
image/gif 18.195.77.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/2387/?ct=PL&st=&city=10946&dma=0&zp=&bw=3&che=778830019&col=24935727,5936378,292495514,485910716,144332127
Requested by: Host: thehackernews.com
URL: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.77.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-77-77.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:24 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK event
att.demdex.net/ 42 B
915 B 76ms
66ms Image
image/gif 52.212.209.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://att.demdex.net/event?d_event=imp&d_src=127123&d_bu=1020274&d_creative=144332127&d_placement=292495514&d_campaign=24935727&d_site=5936378

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-209-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0f228079d.edge-irl1.demdex.com 5.80.6.20210202104731 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: KnShv0bGSCg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4C00 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Feb 2021 18:17:52 GMT
expires: Sat, 26 Feb 2022 18:17:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 40052
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ 0
22 B 52ms
52ms Other
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2467a9fefa378b8d57d62d9108794bcd476de6ce2cc1ba42ea85200fd73960b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49420
x-xss-protection: 0
server: cafe
etag: 13386428730629145965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 27 Feb 2021 05:25:24 GMT

GET
H/1.1 200
OK dv-measurements991.js Show response
cdn.doubleverify.com/ Frame A8EA 461 KB
85 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements991.js
Requested by: Host: link.acronis.online
URL: https://link.acronis.online/u/nrd.php?p=MPkBbiuqhJ_57951_2683112_1_9&ems_l=3895902&i=1&d=MTc1MTMwNzcz%7CTVBrQmJpdXFoSg%3D%3D%7CMjAyMS0wMi0yNisxNiUzQTAwJTNBMDA%3D%7CTkwtMjAyMS0wMi11cy1zZy1zYS1pbC1tZS1ta3RvLWV0LXRyaWFscw%3D%3D%7C%7CYTFjOGNkYzRiZGNlMjhhNjE%3D%7C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6eefcba6d0b51a5940e1a3b2fab08f71a653129b41da356a2e9b0c053acf0b16

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 05:25:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 15:16:28 GMT
Server: Microsoft-IIS/10.0
ETag: "02e81dbf69d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946090800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86831

GET
H2 200 vmware.jpg
thehackernews.com/images/-M_1KgL6tAuQ/YDYE-aJuyBI/AAAAAAAAB38/asAWmk7ZJscXPGS_gHJudw0GOAZrcEX7wCLcBGAsYHQ/s72-c-e100/ 2 KB
3 KB 20ms
19ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-M_1KgL6tAuQ/YDYE-aJuyBI/AAAAAAAAB38/asAWmk7ZJscXPGS_gHJudw0GOAZrcEX7wCLcBGAsYHQ/s72-c-e100/vmware.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d03b66c5ae3f7a8e6c6b71336f44a819a322101d8c71270841fec1c1f412eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 77982
cf-polished: origFmt=jpeg, origSize=2201
content-disposition: inline; filename="vmware.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1936
x-xss-protection: 0
expires: Sat, 05 Jun 2021 07:51:13 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mwqs0r8MzcFs5JIbwCeDZnn95hF2MW5DwkEWbPaiTyIDH03wtdAhFAEfr664HptHXCS6RYUKpAPznApwaQdoRRXMnHZ1%2FYef%2FJt0hjxnxan65F6nl45Abk3W04Mnuw%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 08838bf06900009808b9027000000001
accept-ranges: bytes
cf-ray: 627f7c2d7f439808-FRA
access-control-expose-headers: Content-Length

GET
H2 200 credit-card-hacking.jpg
thehackernews.com/images/-Cq_xbH4DUt0/YC_ULBaPLLI/AAAAAAAAB1g/D8MDjlVBcIMdXEQubRzSoe-VenRlXNYaQCLcBGAsYHQ/s72-c-e100/ 3 KB
3 KB 23ms
23ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-Cq_xbH4DUt0/YC_ULBaPLLI/AAAAAAAAB1g/D8MDjlVBcIMdXEQubRzSoe-VenRlXNYaQCLcBGAsYHQ/s72-c-e100/credit-card-hacking.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd8eb575ecc96f1d57cfb94bbc8ea536a4d54bc9a4d4591b15a66a04709560ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 77982
cf-polished: origFmt=jpeg, origSize=3470
content-disposition: inline; filename="credit-card-hacking.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3144
x-xss-protection: 0
expires: Mon, 31 May 2021 07:42:36 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v75a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oOIPy5tOjtfqk2FFDef%2F9R6YCcZ9UPJ9b23jUwpMGmegb62MqpA7DB0rUZzljWvt4ppWxp5XnafHb6gGXSSUgSx3g0R0S9jZ6f%2FKHU1RBhpeaRY%2B3WAcm7Pj45WN%2Bw%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 08838bf0690000980895a81000000001
accept-ranges: bytes
cf-ray: 627f7c2d7f449808-FRA
access-control-expose-headers: Content-Length

GET
H/1.1 200
OK t2tv7.html Show response
cdn.doubleverify.com/ Frame DE76 12 KB
4 KB 7ms
6ms Document
text/html 2a02:26f0:6c00:2bd::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991

Request headers

Host: cdn.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thehackernews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Last-Modified: Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges: bytes
ETag: "0ba3b8f4cdcf1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3877
Date: Sat, 27 Feb 2021 05:25:24 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame A8EA 3 KB
2 KB 48ms
48ms Script
text/javascript 213.254.244.12
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?bridua=3&tstype=1&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_aTau7%3ACDE%5C%3E2%3DH2C6%5C56D%3A8%3F65%5C7%40C%5C2AA%3D6%5C%3E%60%5D9E%3E%3DTbuD40DC4Tbs6%3E2%3A%3D0aegb%60%60aTaeD40%3D%3A5Tbs%60fd%60b_ffbTaeD40F%3A5Tbs%7C!%3Cq3%3AFB9yTaeD40%3D%3D%3A5Tbsdfhd%60TaeFE%3E042%3EA2%3A8%3FTbsa_a%60%5C_a%5CaeTaq%60eTadbp__Tadbp__%5C%7D%7B%5Ca_a%60%5C_a%5CFD%5CD8%5CD2%5C%3A%3D%5C%3E6%5C%3E%3CE%40%5C6E%5CEC%3A2%3DDTaeFE%3E0D%40FC46Tbs6%3E2%3A%3DTaeFE%3E0%3E65%3AF%3ETbs6%3E2%3A%3DTaeD404FDE%40%3E6CTbsTaeD4069Tbs2%604g454c3546ag2e%60&srcurlD=0&aUrlD=0&ssl=https:&dfs=1613&ddur=8&uid=1614403524752149&jsCallback=dvCallback_1614403524752738&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=991&tgjsver=991&lvvn=28&m1=13&refD=0&referrer=https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61&fwc=0&flt=1&fec=642&fcifrms=11&brh=2&dvp_epl=528&noc=16&ctx=607671&cmp=24935727&sid=5936378&plc=292495514&crt=144332127&btreg=485910716&btadsrv=doubleclick&adsrv=1&advid=6141273&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_att_uid=__AP1_np_dv_90d7z04l1voPA__&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=15483509735.664856&dvp_tukv=170472283.39957106&dvp_uuid=2413963.2747250004&dvp_tuid=515295519721&dvp_slmsd=44&dvp_vcmsd=55
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d8173130e3dbf4d0f6bcdc46fba4212aca13b1d2c84f6b49176b6244a479a22a

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 2/26/2021 5:25:24 AM

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C00 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 129180
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Fri, 25 Feb 2022 17:32:24 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/37020/ 388 KB
108 KB 49ms
47ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/37020/adpushup.js
Requested by: Host: link.acronis.online
URL: https://link.acronis.online/u/nrd.php?p=MPkBbiuqhJ_57951_2683112_1_9&ems_l=3895902&i=1&d=MTc1MTMwNzcz%7CTVBrQmJpdXFoSg%3D%3D%7CMjAyMS0wMi0yNisxNiUzQTAwJTNBMDA%3D%7CTkwtMjAyMS0wMi11cy1zZy1zYS1pbC1tZS1ta3RvLWV0LXRyaWFscw%3D%3D%7C%7CYTFjOGNkYzRiZGNlMjhhNjE%3D%7C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fae504334d677dd7491a1b1ecfdc85703d235ea6ee5fb3c15250e3705e3cef31

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:24 GMT
content-encoding: br
x-cf3: M
cf4ttl: 604800.000
x-cf1: 28371:fC.fra2:co:1614260312:cacheN.fra2-01:M
x-cf-geodata: DE
content-length: 110351
x-cf-tsc: 1614260702
x-cf2: H
last-modified: Thu, 25 Feb 2021 13:45:01 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
cf4age: 0
accept-ranges: bytes
expires: Sat, 27 Feb 2021 05:40:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4968
date: Sat, 27 Feb 2021 04:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 27 Feb 2021 06:02:36 GMT

GET
H2 200 AGSKWxVCE9aQnM7rjG02YN1eV0blA3lRnL84uxCpDUK_mZPdZ1d7byGIFGlN9PjJiiJxz0C5xjtJZb98SQo0dpwh7Jg= Show response
fundingchoicesmessages.google.com/f/ 80 KB
31 KB 57ms
37ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVCE9aQnM7rjG02YN1eV0blA3lRnL84uxCpDUK_mZPdZ1d7byGIFGlN9PjJiiJxz0C5xjtJZb98SQo0dpwh7Jg=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c86b5ad0ceb4383e4266da631079c2d6f5df0d6254fe258489eaa2bb271bc8fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GvkVUIhRSbrxqLHpSIDWnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-GvkVUIhRSbrxqLHpSIDWnQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"boq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy: script-src 'report-sample' 'nonce-GvkVUIhRSbrxqLHpSIDWnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-GvkVUIhRSbrxqLHpSIDWnQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="boq"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
28 KB 23ms
10ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2020208
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27964
cf-request-id: 08838bf10800002bd2cb00d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15d95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qb1N1A0cl2z1ET4jpd0xBTb127gM%2BPK5Xig%2FVBQFd6PoLLj4qJ70QQiJyBzGIDrqzqHXuV8s1x6eShVtfn0gffGWBpkKYX434%2BtkmNjLgz8P8NHTdzuAB9osdfOJece1Xw%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 627f7c2e7e662bd2-FRA
expires: Thu, 17 Feb 2022 05:25:24 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ 227 KB
85 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7983783048239650&plah=thehackernews.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 27 Feb 2021 05:25:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/ Frame 1E7C 10 KB
5 KB 25ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210224/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thehackernews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm18Ff5TxsmVME7iuVYz2M01dC84bymDGcQHgeUhjUhkUFUgqMN_VwdPpd3usU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thehackernews.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 27 Feb 2021 00:12:56 GMT
expires: Sat, 13 Mar 2021 00:12:56 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 18748
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=208500885&t=pageview&_s=1&dl=https%3A%2F%2Fthehackernews.com%2F2021%2F02%2Ffirst-malware-designed-for-apple-m1.html%3Fsc_src%3Demail_2683112%26sc_lid%3D175130773%26sc_uid%3DMPkBbiuqhJ%26sc_llid%3D57951%26utm_campaign%3D2021-02-26%2B16%253A00%253A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials%26utm_source%3Demail%26utm_medium%3Demail%26sc_customer%3D%26sc_eh%3Da1c8cdc4bdce28a61&dr=https%3A%2F%2Flink.acronis.online%2Fu%2Fnrd.php%3Fp%3DMPkBbiuqhJ_57951_2683112_1_9%26ems_l%3D3895902%26i%3D1%26d%3DMTc1MTMwNzcz%257CTVBrQmJpdXFoSg%253D%253D%257CMjAyMS0wMi0yNisxNiUzQTAwJTNBMDA%253D%257CTkwtMjAyMS0wMi11cy1zZy1zYS1pbC1tZS1ta3RvLWV0LXRyaWFscw%253D%253D%257C%257CYTFjOGNkYzRiZGNlMjhhNjE%253D%257C&ul=en-us&de=UTF-8&dt=First%20Malware%20Designed%20for%20Apple%20M1%20Chip%20Discovered%20in%20the%20Wild&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=899114494&gjid=2067063173&cid=183237937.1614403525&tid=UA-27389293-1&_gid=1276064225.1614403525&_r=1&_slc=1&z=12767851

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cname-cloaking.jpg
thehackernews.com/images/-WTItfxkbWAM/YDZ48QVp6lI/AAAAAAAAB4U/Z5OetVojZNwOKfHg8SBMOfxjFsy0dfL9wCLcBGAsYHQ/s72-c-e100/ 3 KB
3 KB 21ms
20ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-WTItfxkbWAM/YDZ48QVp6lI/AAAAAAAAB4U/Z5OetVojZNwOKfHg8SBMOfxjFsy0dfL9wCLcBGAsYHQ/s72-c-e100/cname-cloaking.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebb6e22db0d7c272745bb255aecf1709b9f2af3694feeb2fc8febb5115d015c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 77982
cf-polished: status=not_needed
content-disposition: inline;filename="cname-cloaking.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2650
x-xss-protection: 0
expires: Sun, 06 Jun 2021 00:01:52 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cnD9aFqPKjZPSClOQp6CdLmsqn%2FK05PIZi15NMmbpbddrrV2N8%2B6PwHG3q4yqqdtDql%2FPwpXs35bSCtgOqUTbo1Jq3FpbosXUZYlZ2e56CS3RarkXrnfowSDOEsgdQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 08838bf1580000980895a83000000001
accept-ranges: bytes
cf-ray: 627f7c2eff6c9808-FRA
access-control-expose-headers: Content-Length

GET
H2 200 pdf.jpg
thehackernews.com/images/-d2bet84hc7Y/YDTbqxYQBZI/AAAAAAAAB3c/GWAI55pI0MUZeOS0CtTiQBiF9PqbJ7wxwCLcBGAsYHQ/s72-c-e100/ 3 KB
3 KB 18ms
18ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-d2bet84hc7Y/YDTbqxYQBZI/AAAAAAAAB3c/GWAI55pI0MUZeOS0CtTiQBiF9PqbJ7wxwCLcBGAsYHQ/s72-c-e100/pdf.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0e620dfb9137c44268fcf8e2a7585e36b5be03b7cdbc8bfa92eb08352f16767

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 77982
cf-polished: status=not_needed
content-disposition: inline;filename="pdf.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2672
x-xss-protection: 0
expires: Sun, 06 Jun 2021 00:01:52 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v778"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zM%2BzfMIeToS3NGne468s%2F57mI5i6MYiaLI2P3wljlaP5rorlLhuP3fslezqnu%2F6g7EWYMuMPYbtLcGpbSQCc8c%2BFrcgTgRvF610UKkLEWrod%2FOFmy9Z1Sc%2BfQVxHoA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 08838bf15900009808bf866000000001
accept-ranges: bytes
cf-ray: 627f7c2eff6d9808-FRA
access-control-expose-headers: Content-Length

GET
H2 200 brave-browser-privacy.jpg
thehackernews.com/images/-GPWALTnJxL0/YDE1sIInajI/AAAAAAAAB18/a3wZIA8fFf0ffrKm8GiLzSRYi0ktCRf8wCLcBGAsYHQ/s72-c-e100/ 2 KB
3 KB 22ms
22ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-GPWALTnJxL0/YDE1sIInajI/AAAAAAAAB18/a3wZIA8fFf0ffrKm8GiLzSRYi0ktCRf8wCLcBGAsYHQ/s72-c-e100/brave-browser-privacy.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89602cb97c44ef298fd36ef415250bd41ace3353d431b0d05fe76ca38a7aafdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 77982
cf-polished: origFmt=jpeg, origSize=3374
content-disposition: inline; filename="brave-browser-privacy.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2518
x-xss-protection: 0
expires: Wed, 02 Jun 2021 21:00:07 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v760"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DTJwZa3O4bYW%2BMZB%2FUdykhJSwGYyZaOZc01x3uiQRktClVZHHY9T1Cebg7xvA6BiVLVnZsW1HmGJ3ielbNF0Y8kS3OR9fOD5L%2ByOYJfQzUJPPOQ22%2BF3hpwlX%2F0hPQ%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 08838bf159000098088b063000000001
accept-ranges: bytes
cf-ray: 627f7c2eff6e9808-FRA
access-control-expose-headers: Content-Length

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-27389293-1&cid=183237937.1614403525&jid=899114494&gjid=2067063173&_gid=1276064225.1614403525&_u=IEBAAEAAAAAAAC~&z=2141056865

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 27 Feb 2021 05:25:24 GMT
content-type: text/plain
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D25C 0
23 B 28ms
27ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAsd_xNc5YPexD7HE7_UPh7-I4AkAAAAAOAHgBAI&bg=!_P-l_7zNAAXB_3NtwTsAKQB2-DxaapzXofdQEb_5N2igzOm1jPFTqskisGcRSXmNplDLZelP_y__AgAAARxSAAAAX2gBBwoAAU-ZAibXyrsbBWSKpTgY7TczQapZoXy2zKbB-50Cj9sHnKnmvi79UAW8Vj3cCi6CoX3hp3N2IUOFg3qr2rTMy_P35tdbasXCGlLRb29ei6LbX5-X5L0PwyR1fS4RxYwwtbIIGhx7VQwoXNkkp5DLoOugclSNpisU1l71qzchKuEcvxwzv02XYIoigKnkeN1idLymE5miBCZeog4zyRuvtv2cW8F45xHanct-GqFOFw5MQzJ0pALLKnjAv75UQKjpPty3Cq2Rnd6itv6t6_ziOgJA8TSMCR9Z6dM5n8BzP0TDiG192vKaMhPQvU1k8MyjqdlFLpy_-23RQsWfx7gv4R1KVB1ZLsChkoQd9MNy87vHwXRz4hBeKGGPXSFawsem0BlY5DT_xGjze-79dsL00FkIhKtVULmn8ljIZiFmJI63oi_bcfBJyRL58774W7RCeUJ2aLs4p_ciQTfS7wLwMhnRnKeG6QhuLjHpa7P0QGD8Wl5WRJXJuhFwxaBQYd_KAcDPOaXWAiwfilBlc9MVyekv2TIoIB-A0ltjo5HrOfwx_Qd9hKZnYKWhhaRo0Dy9d-w_4FXhZPNEe0oFW_-Qct1LcvFz0o--3LADusy5-StubD9XakhXitpztp3ZZoAcbc5MH1TYXKwzGZaLci2bQMstfg77AD2kGsz5x-gvOyPXbbJnSiPVRd27OFujouEjGAqLRl6tjzUF3uF_HkmVgc7kPq0v7TnmjLC9

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxXrsKSguW5NLsKCCfjE2VMHZ6C-D3qVcWv-O7Cws4MvDnEttaAM3Di1mnt2T38vhhjtKL4izhxVY5aSl-kPiBI= Show response
fundingchoicesmessages.google.com/l/ 0
1 KB 58ms
24ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXrsKSguW5NLsKCCfjE2VMHZ6C-D3qVcWv-O7Cws4MvDnEttaAM3Di1mnt2T38vhhjtKL4izhxVY5aSl-kPiBI=?pvid=2BE570CF-90C3-46FF-AC52-361772F0BD51&anonid=B8E0A289-CAEC-4235-B3B7-D7F7920AE17C

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.McwuQ8vvY8k.es5.O/d=1/ct=zgms/rs=AJlcJMwZJiYQb_PiDAipnEIc5fjXo5F0iw/m=loader_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2s1QUdEvvGa7xAo1l8wlIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2s1QUdEvvGa7xAo1l8wlIA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Feb 2021 05:25:25 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-2s1QUdEvvGa7xAo1l8wlIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2s1QUdEvvGa7xAo1l8wlIA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxXQ5CEh7DK4at_5uFW782zcQxiRgrd9wpOa85UhX4Mj6tPb_pzoe2XsKGIAH9bEoMAzQf9MRUT_smIPriI3zsQ= Show response
fundingchoicesmessages.google.com/f/ 271 KB
63 KB 86ms
71ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXQ5CEh7DK4at_5uFW782zcQxiRgrd9wpOa85UhX4Mj6tPb_pzoe2XsKGIAH9bEoMAzQf9MRUT_smIPriI3zsQ=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE0NDAzNTI1LDQ3MDAwMDAwXSwiMkJFNTcwQ0YtOTBDMy00NkZGLUFDNTItMzYxNzcyRjBCRDUxIiwiQjhFMEEyODktQ0FFQy00MjM1LUIzQjctRDdGNzkyMEFFMTdDIixudWxsLFtudWxsLFs3XV1d

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c7a7551bc2aaaf9eeb663498f403171b8e21b92d5eb99526adc40ff934c8c374

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9R0S/2s486P1EVsBL9YhEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9R0S/2s486P1EVsBL9YhEg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-9R0S/2s486P1EVsBL9YhEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9R0S/2s486P1EVsBL9YhEg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
date: Sat, 27 Feb 2021 05:25:25 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"boq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy-report-only: same-origin; report-to="boq"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pb.1614258692488.js Show response
cdn.adpushup.com/prebid/ 363 KB
105 KB 47ms
47ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.1614258692488.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: a5bdbf72ca0dc72c808c8a8ed5ad142ced6bdf367693fb95cedbb354e12df6a7

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:25 GMT
content-encoding: br
x-cf3: M
cf4ttl: 604800.000
x-cf1: 28371:fC.fra2:co:1614258800:cacheN.fra2-01:H
content-length: 107008
x-cf-tsc: 1614258857
x-cf2: H
last-modified: Thu, 25 Feb 2021 13:13:19 GMT
server: CFS 0215
x-cff: B
etag: W/"6037a26f-5aa36"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf4age: 0
accept-ranges: bytes
expires: Sun, 27 Feb 2022 05:25:25 GMT

POST
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
178 B 133ms
44ms Other
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:24 GMT
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 129ms
45ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

1905877fe2e5173b0660cec8119b2a5181deaa7aa5b13cba6cbb5b67ee3b9274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "796 / 957 of 1000 / last-modified: 1614381521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19360
x-xss-protection: 0
expires: Sat, 27 Feb 2021 05:25:25 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 115 KB
30 KB 137ms
56ms Script
application/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:16:10 GMT
content-encoding: gzip
server: Server
age: 554
etag: d7c8ebbead57940cf77ae4183f7ff01a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: pkiOsnrw5ub40d2SPOSAjPBBoA7O4uIM
x-amz-cf-id: IZD3weHixW6qLARr1b0urXnXnD4a1NLKj6sLUrhG-qswnoYp-4HXTg==

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
273 B 122ms
43ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MTQ0MDM1MjUxMDksInBhY2tldElkIjoiMDAwMDkwOUMtYTVkY2U5ZTQtMzMzMy00MjcwLTkwNzktMzk0YWU4MDliOGQwIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzAyL2ZpcnN0LW1hbHdhcmUtZGVzaWduZWQtZm9yLWFwcGxlLW0xLmh0bWw/c2Nfc3JjPWVtYWlsXzI2ODMxMTImc2NfbGlkPTE3NTEzMDc3MyZzY191aWQ9TVBrQmJpdXFoSiZzY19sbGlkPTU3OTUxJnV0bV9jYW1wYWlnbj0yMDIxLTAyLTI2KzE2JTNBMDAlM0EwMC1OTC0yMDIxLTAyLXVzLXNnLXNhLWlsLW1lLW1rdG8tZXQtdHJpYWxzJnV0bV9zb3VyY2U9ZW1haWwmdXRtX21lZGl1bT1lbWFpbCZzY19jdXN0b21lcj0mc2NfZWg9YTFjOGNkYzRiZGNlMjhhNjEiLCJtb2RlIjoyLCJlcnJvckNvZGUiOjUsInJlZmVycmVyIjoiaHR0cHM6Ly9saW5rLmFjcm9uaXMub25saW5lL3UvbnJkLnBocD9wPU1Qa0JiaXVxaEpfNTc5NTFfMjY4MzExMl8xXzkmZW1zX2w9Mzg5NTkwMiZpPTEmZD1NVGMxTVRNd056Y3olN0NUVkJyUW1KcGRYRm9TZyUzRCUzRCU3Q01qQXlNUzB3TWkweU5pc3hOaVV6UVRBd0pUTkJNREElM0QlN0NUa3d0TWpBeU1TMHdNaTExY3kxelp5MXpZUzFwYkMxdFpTMXRhM1J2TFdWMExYUnlhV0ZzY3clM0QlM0QlN0MlN0NZVEZqT0dOa1l6UmlaR05sTWpoaE5qRSUzRCU3QyIsInBhZ2VHcm91cCI6IlBPU1QiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:24 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-27389293-1&cid=183237937.1614403525&jid=899114494&_u=IEBAAEAAAAAAAC~&z=281761321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-27389293-1&cid=183237937.1614403525&jid=899114494&_u=IEBAAEAAAAAAAC~&z=281761321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 65ms
44ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MTQ0MDM1MjUxNTMsInBhY2tldElkIjoiMDAwMDkwOUMtYTVkY2U5ZTQtMzMzMy00MjcwLTkwNzktMzk0YWU4MDliOGQwIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzAyL2ZpcnN0LW1hbHdhcmUtZGVzaWduZWQtZm9yLWFwcGxlLW0xLmh0bWw/c2Nfc3JjPWVtYWlsXzI2ODMxMTImc2NfbGlkPTE3NTEzMDc3MyZzY191aWQ9TVBrQmJpdXFoSiZzY19sbGlkPTU3OTUxJnV0bV9jYW1wYWlnbj0yMDIxLTAyLTI2KzE2JTNBMDAlM0EwMC1OTC0yMDIxLTAyLXVzLXNnLXNhLWlsLW1lLW1rdG8tZXQtdHJpYWxzJnV0bV9zb3VyY2U9ZW1haWwmdXRtX21lZGl1bT1lbWFpbCZzY19jdXN0b21lcj0mc2NfZWg9YTFjOGNkYzRiZGNlMjhhNjEiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiaHR0cHM6Ly9saW5rLmFjcm9uaXMub25saW5lL3UvbnJkLnBocD9wPU1Qa0JiaXVxaEpfNTc5NTFfMjY4MzExMl8xXzkmZW1zX2w9Mzg5NTkwMiZpPTEmZD1NVGMxTVRNd056Y3olN0NUVkJyUW1KcGRYRm9TZyUzRCUzRCU3Q01qQXlNUzB3TWkweU5pc3hOaVV6UVRBd0pUTkJNREElM0QlN0NUa3d0TWpBeU1TMHdNaTExY3kxelp5MXpZUzFwYkMxdFpTMXRhM1J2TFdWMExYUnlhV0ZzY3clM0QlM0QlN0MlN0NZVEZqT0dOa1l6UmlaR05sTWpoaE5qRSUzRCU3QyIsInBhZ2VHcm91cCI6IlBPU1QiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI5NjdlY2ZhZC1iZjZiLTQyOWUtOWEzOS05NzcwYzhiN2QxODgiLCJzZWN0aW9uTmFtZSI6IkFQX1RfUl9yZXNwb25zaXZlWHJlc3BvbnNpdmVfOTY3ZWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzM3MDIwX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV85NjdlY2ZhZC1iZjZiLTQyOWUtOWEzOS05NzcwYzhiN2QxODgiLCJzZXJ2aWNlcyI6WzIsM10sImFkVW5pdFR5cGUiOjF9XX0=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:24 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 84ms
63ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MTQ0MDM1MjUxNjEsInBhY2tldElkIjoiMDAwMDkwOUMtYTVkY2U5ZTQtMzMzMy00MjcwLTkwNzktMzk0YWU4MDliOGQwIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzAyL2ZpcnN0LW1hbHdhcmUtZGVzaWduZWQtZm9yLWFwcGxlLW0xLmh0bWw/c2Nfc3JjPWVtYWlsXzI2ODMxMTImc2NfbGlkPTE3NTEzMDc3MyZzY191aWQ9TVBrQmJpdXFoSiZzY19sbGlkPTU3OTUxJnV0bV9jYW1wYWlnbj0yMDIxLTAyLTI2KzE2JTNBMDAlM0EwMC1OTC0yMDIxLTAyLXVzLXNnLXNhLWlsLW1lLW1rdG8tZXQtdHJpYWxzJnV0bV9zb3VyY2U9ZW1haWwmdXRtX21lZGl1bT1lbWFpbCZzY19jdXN0b21lcj0mc2NfZWg9YTFjOGNkYzRiZGNlMjhhNjEiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiaHR0cHM6Ly9saW5rLmFjcm9uaXMub25saW5lL3UvbnJkLnBocD9wPU1Qa0JiaXVxaEpfNTc5NTFfMjY4MzExMl8xXzkmZW1zX2w9Mzg5NTkwMiZpPTEmZD1NVGMxTVRNd056Y3olN0NUVkJyUW1KcGRYRm9TZyUzRCUzRCU3Q01qQXlNUzB3TWkweU5pc3hOaVV6UVRBd0pUTkJNREElM0QlN0NUa3d0TWpBeU1TMHdNaTExY3kxelp5MXpZUzFwYkMxdFpTMXRhM1J2TFdWMExYUnlhV0ZzY3clM0QlM0QlN0MlN0NZVEZqT0dOa1l6UmlaR05sTWpoaE5qRSUzRCU3QyIsInBhZ2VHcm91cCI6IlBPU1QiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4YzJkN2Y5NC1hOWM1LTQzYjItODNhNC1jZGNmNzExYWUwNWUiLCJzZWN0aW9uTmFtZSI6IkFQX1RfUl9yZXNwb25zaXZlWHJlc3BvbnNpdmVfOGMyZDciLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzM3MDIwX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV84YzJkN2Y5NC1hOWM1LTQzYjItODNhNC1jZGNmNzExYWUwNWUiLCJzZXJ2aWNlcyI6WzIsM10sImFkVW5pdFR5cGUiOjF9XX0=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:24 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 mac-malware-proxy-setting.png
thehackernews.com/images/-NVSyZ3p4IlA/YDNha0NbQ_I/AAAAAAAAB2U/cVrQtTPe4jg6CyfGxJPzhsye_9tid4a1wCLcBGAsYHQ/s72-c-e100/ 3 KB
4 KB 28ms
28ms Image
image/webp 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/images/-NVSyZ3p4IlA/YDNha0NbQ_I/AAAAAAAAB2U/cVrQtTPe4jg6CyfGxJPzhsye_9tid4a1wCLcBGAsYHQ/s72-c-e100/mac-malware-proxy-setting.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c186ee5412e228992ce6b29f1451ce3a8906843c57d0c6e17062f493d957297

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 77983
cf-polished: origFmt=png, origSize=4667
content-disposition: inline; filename="mac-malware-proxy-setting.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3172
x-xss-protection: 0
expires: Fri, 04 Jun 2021 05:23:32 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v766"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gOr3rVXBL%2FIxoJ8DXBuLBGh9y6FiImgNNGPp%2F%2FiCyl4G%2BhDWqLEe%2Bx9oLkErIKwqHbiW5j7iD2kKZWpwGDcvSChNv42voehHlP7TUxJA2SRsM9914F0qGkAzoY0XAg%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=8640000, immutable
cf-request-id: 08838bf23e00009808c4133000000001
accept-ranges: bytes
cf-ray: 627f7c306f939808-FRA
access-control-expose-headers: Content-Length

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
479 B 54ms
41ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss23RfMMpPzJkXQjnCG8cYT2938E76IMGdJ0NettQUf3h_S9KYL8THEviUDSGppDjj3SO8oZbxeww&sig=Cg0ArKJSzNH5jqNBbzDSEAE&id=lidar2&mcvt=1086&p=170,436,260,1164&mtos=1086,1086,1086,1086,1086&tos=1086,0,0,0,0&v=20210226&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=34&adk=4037400832&rs=6&met=mue&la=0&cr=0&osd=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 49 KB
3 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_US.G_HddYVZy-Y.es5.O/d=1/ct=zgms/rs=AJlcJMyl9KQvNYM6hnd7EWrUog7Lu-X3XA/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e79651beedc07555c4da72377f0e4644b7e309c665f5b6a906806d6cf452608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 05:25:25 GMT
server: ESF
date: Sat, 27 Feb 2021 05:25:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Feb 2021 05:25:25 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 20ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210227

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1614258692488.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

872b7cf3b24a2e31e46e67d43529278a328f4781beeeef306259dc8c6548a968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 23079
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 744
etag: W/"53b-CzYjvYm+Ah5fUATVsnn2yL7BKn4"
x-served-by: cache-fra19125-FRA, cache-hhn4083-HHN
date: Sat, 27 Feb 2021 05:25:25 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thehackernews.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 06:09:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 256559
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Thu, 24 Feb 2022 06:09:26 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v78/ 98 KB
98 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v78/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d28a8f2e4d4019f6b6acab6a4852d5432c8aec7cfb2fd3aa21acd392a59827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thehackernews.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 00:17:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 00:08:39 GMT
server: sffe
age: 364049
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100040
x-xss-protection: 0
expires: Wed, 23 Feb 2022 00:17:56 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thehackernews.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 01:51:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 12835
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Sun, 27 Feb 2022 01:51:30 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thehackernews.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 13:07:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 231473
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 24 Feb 2022 13:07:32 GMT

POST
H3-Q050 204 AGSKWxWyrsccTf_vRJcSFT_TsoE7HubkZvqFM7EHV8lSOGflbaG5pNXnP4oWxJeakgGymzEAzR0Sn6D3kKMxc0m0DmvWC9HSLiKwiHAb5IzJrm3lAJ1pn8L90yrYYmHe9aDm8Ecr74zUNY1WMJsgmnzs_2uO6bDjHAAVR2cq6LAm40316Yl_cykOScdD9NZ6 Show response
fundingchoicesmessages.google.com/l/ 0
556 B 20ms
19ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxWyrsccTf_vRJcSFT_TsoE7HubkZvqFM7EHV8lSOGflbaG5pNXnP4oWxJeakgGymzEAzR0Sn6D3kKMxc0m0DmvWC9HSLiKwiHAb5IzJrm3lAJ1pn8L90yrYYmHe9aDm8Ecr74zUNY1WMJsgmnzs_2uO6bDjHAAVR2cq6LAm40316Yl_cykOScdD9NZ6?dmid=970e7566fd7b1e49

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bGQxLAwBkym2+7FK1aNPiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-bGQxLAwBkym2+7FK1aNPiA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Feb 2021 05:25:25 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thehackernews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-bGQxLAwBkym2+7FK1aNPiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-bGQxLAwBkym2+7FK1aNPiA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ 290 KB
102 KB 105ms
60ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Sat, 27 Feb 2021 05:25:25 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 119ms
39ms XHR
application/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 61518
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 06:42:57 GMT
server: AmazonS3
date: Fri, 26 Feb 2021 12:20:08 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: pPdcPumT_KwCfHFUm8znBBxtYg8kk7yJZ9Zedp33pA25K_f_2YD-aw==

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
66 B 27ms
27ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoY9C8rPiploXZpM4h8xVIe11vNJYcZ-8BG5SPhEuQoU7L_DTYdu40c0uQRq6TCbMuJci1tpMprffpvXmybsPaow&sig=Cg0ArKJSzIbE8KphC6RsEAE&id=lidar2&mcvt=1047&p=423,1031,673,1331&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20210226&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=32&adk=2533488392&rs=6&la=0&cr=0&osd=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C00 0
46 B 29ms
28ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bk59ZxNc5YLTxIsjd7_UPpdmh4AYAAAAAOAHgBAI&bg=!cnGlcTLNAAXB_3NtwTsAKQB2-Dxa_tajKEjfC6lJSp8AnXFibs7TiY5urqTgkGAmhzApFU7yWQeoAgAAAmJSAAAADGgBBwoA-U8gWE9m_JoSFjFhBZaUJ2HMHmUc-8L5VMpbbahp7EFJ0P2BKoHC8eTQ-EE4Ax80lUvLIWY6KJeUZEtzlFgTcPuXfGJxrqMEAT9d7NYEoseiaHYQdNLGk2aDvdGZjKFPUVyo5ISVRudBvxBLrvA03672LMF1T7pE4ixJSq_QMbcjmiulQTBmbQcOR30t6JizDUR86FHXKT5BsCNJCy31j8lEqIuN9_AeOC_caJlMAbE_3CKKTCdBpsXFczj44DJrQYDMZu9RxUhm28SDAtIclVHv7VdNUJaDVOL3qD9BzQ4sXkRRvC2wIhsz4oZrSQFHL2EKiZOsaWx7TpkCGXlvxHirVCYSIq1v0Kr5-qI1CJqGI5IrDMmqbo6pMKry-cMFHuGA1chJJQjDivQZlrgf4R4D8e6ND6yjNQhtGRxsNC0GMl-MolZPdSW_x6MS5O9twTBykrwXDXne5q7vrVhUcnmB5p_WgpHFFeYswOW1fWfuqTNFv_YB9qL3CyzKvSq0P4zS6TRzdjlLB4jZOLpe24PwWV5SDE-RVVY4aNzwtzDbQAl1ZnI-XdhJ8Ar9WOQ5MQMNLPt9RkZl0a-4TBM_7LiGYFPHL62UIuBtt6jN7SEawwWr1lWV0a_RxzkdJaFc1ij--JpcZL3IB04YRZ03jsjS-lRbR5VvLEulLPEL8fRzePJu79LLS6MXsC6gzvFqfk5VIhnQIUG23cetZbtqgDUs9uQQJfM_M3r5d_LAv-PcG9p2nbWM5ux6Dk0lfk0Mf3JiV9_TknphvfhkiJTILOVwlHJdRUq1Tv5TyHnopJo8konWl7S0xe0-ss0oxM4NXb0DkCSjQM2KOq9N7sCNrk4Tj6ZXaZc7EPLdYN57Qm6aFzbeZ1ulyW_gXJHjuY-iTaTOyTOv1nAivgvdYzMVh36ksvT1Wxuxw7YYzzCyHHrkpBv9NW-phfbWdNXelQPcl5i0qdYHQ5sOyDFDOB_N7tYeV5iLBRM0P1ervGEdygnux1ByJi6Xlz0gWtq0zyg8VUarh9gE15KMq3mSwUbAVWnyc8hCYw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ 6 KB
3 KB 245ms
143ms Script
text/javascript 99.86.3.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_144332637_292494536&js=st_1pm&sz=300x250&c=te-dd55
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_144332127_292495514&js=st0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-68.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 1147957d988493c66a28e622974bcdd2bad53d322fdde9c686ed93cc1574171b

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:25 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 2287
x-amz-cf-id: qoXkuX0V4ZHJ8TtQA8CvDuQs5dOhK2b7tWlJwLgI7imM1joLMWvPTw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ 38 KB
12 KB 157ms
55ms Script
text/javascript 99.86.3.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_144332637_292494536&js=st_2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_144332127_292495514&js=st0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-68.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 16:59:18 GMT
content-encoding: gzip
server: nginx
age: 44767
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: GKyvtslXQlUiJly8bsjKcuIBAtdGACuUo8BiPO0iqV85sTDBatuURw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ 43 B
382 B 245ms
143ms Image
image/gif 99.86.3.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=att_hs&pid=att01&cid=24935727_144332637_292494536&w=300&h=250&c=46e8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-68.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:25 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: tKVNaW2yITUvLeuvLAZyUMd8whMDgpaIkmO4Lj4St3STCu0SrejgcQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ 6 KB
3 KB 239ms
145ms Script
text/javascript 99.86.3.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_144332127_292495514&js=st_1pm&sz=300x250&c=te-5957
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_144332127_292495514&js=st0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-68.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 1f45bef99641fc4e62ded1147884150d99bf2993fa7dc513f889bd48cf0aa9bc

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:25 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 2287
x-amz-cf-id: 5kpeGsxmJZHDkmkhzqQC4QRm63yieL4JuCWTyOMPTKJ88lUMC5wSag==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ 38 KB
12 KB 163ms
69ms Script
text/javascript 99.86.3.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_144332127_292495514&js=st_2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=att01&aid=att_hs&cid=24935727_144332127_292495514&js=st0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-68.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 04:28:40 GMT
content-encoding: gzip
server: nginx
age: 3405
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 3_U7QxvQACs0t7Jcj8u8PlXKCX5V1kCCGc8dMjBVxUQnYyvg-4gzzw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ 43 B
382 B 236ms
142ms Image
image/gif 99.86.3.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=att_hs&pid=att01&cid=24935727_144332127_292495514&w=300&h=250&c=1261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-68.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:25 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: q3ctEXfnArXeLEpYAr9wGBjprqyJ3nl47zHoNb75BqoFRPtzuLPG5w==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame A795 287 B
630 B 50ms
49ms Image
image/png 99.86.3.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/get?name=admarker-icon-tr.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-68.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Feb 2021 21:15:23 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
server: nginx
age: 807002
x-frame-options: ALLOWALL
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
content-length: 287
x-amz-cf-id: 2hYnSLW5yp4EVTmQ1WLn6m4MH085v35Jlu8BX3sIHhuWzP0ZFqwkMg==
expires: Fri, 19 Mar 2021 21:15:23 GMT

GET
H2 200 get
choices.trustarc.com/ Frame A795 739 B
1 KB 50ms
49ms Image
image/png 99.86.3.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/get?name=admarker-full-tr.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-68.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sun, 07 Feb 2021 18:36:57 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
server: nginx
age: 1680508
x-frame-options: ALLOWALL
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
content-length: 739
x-amz-cf-id: kC_QkP_XL93t_JSR_tXryPueQEsK1x5KzlWVX7aMD91mZtFIbZZ6ag==
expires: Tue, 09 Mar 2021 18:36:57 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 123A 287 B
628 B 50ms
50ms Image
image/png 99.86.3.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/get?name=admarker-icon-tr.png

Requested by

Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_144332127_292495514&js=st_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-68.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Feb 2021 21:15:23 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
server: nginx
age: 807003
x-frame-options: ALLOWALL
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
content-length: 287
x-amz-cf-id: jfo8eQPXpu4to4es9kfArY60tHV-ruq0e1qiN6Rtjyt3FbF5XTi_8A==
expires: Fri, 19 Mar 2021 21:15:23 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 123A 739 B
1 KB 50ms
50ms Image
image/png 99.86.3.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/get?name=admarker-full-tr.png

Requested by

Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=att_hs&pid=att01&cid=24935727_144332127_292495514&js=st_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-68.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sun, 07 Feb 2021 18:36:57 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
server: nginx
age: 1680509
x-frame-options: ALLOWALL
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
content-length: 739
x-amz-cf-id: BNz55RXfhrLpn3GIT-JvdHTY-xqxvpbwhst2CYxglWyBm91W4slwQw==
expires: Tue, 09 Mar 2021 18:36:57 GMT

GET
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ 807 B
1 KB 45ms
44ms Image
image/gif 213.254.244.15
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=5e2ac84502ce40348a50ebffa4aea94b&pltfrm=Linux%20x86_64&cbust=1614403526163459
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:25 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 2/26/2021 5:25:26 AM

GET
H/1.1 200
OK bsevent.gif
tps20512.doubleverify.com/ 807 B
1 KB 45ms
45ms Image
image/gif 213.254.244.12
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20512.doubleverify.com/bsevent.gif?impid=f6cb26d0028b4baeb1eca3bf634f2a69&pltfrm=Linux%20x86_64&cbust=1614403526540172
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:26 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 2/26/2021 5:25:26 AM

POST
H/1.1 200
OK event.png
tps20231.doubleverify.com/ Frame B5D9 67 B
467 B 140ms
44ms Other
image/png 213.254.244.15
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20231.doubleverify.com/event.png?impid=9a6002d400be48509dfe239042f3d611&gdpr=&gdpr_consent=&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=139&eoid=6&msrjs=991&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&dvp_t1stMsgB=359&cbust=1614403526644984
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:25 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 2/26/2021 5:25:26 AM

POST
H/1.1 200
OK event.png
tps20247.doubleverify.com/ Frame A8EA 67 B
445 B 135ms
44ms Other
image/png 213.254.244.12
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20247.doubleverify.com/event.png?impid=5913cf0d27e44151b4aaae6d00251630&gdpr=&gdpr_consent=&dvp_t1stMsgD=63&vdur=49&eoid=5&msrjs=991&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1614403526830251
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:26 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 2/26/2021 5:25:26 AM

POST
H/1.1 200
OK event.png
tps20231.doubleverify.com/ Frame B5D9 67 B
467 B 45ms
44ms Other
image/png 213.254.244.15
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20231.doubleverify.com/event.png?impid=9a6002d400be48509dfe239042f3d611&gdpr=&gdpr_consent=&msrcanlm=262794&msrcannum=4&eoid=8&ismms=59&isumms=58&isvelg=1&nvr=6&isbxdms=2259&b11=2411&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2411&sftb=2411&msrdp=12&naral=262272&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=1015&isuiabvms=1015&ispmxpms=1015&engalms=57&engscrlms=63&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&cbust=1614403527642542
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:26 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 2/26/2021 5:25:27 AM

POST
H/1.1 200
OK event.png
tps20247.doubleverify.com/ Frame A8EA 67 B
445 B 45ms
44ms Other
image/png 213.254.244.12
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20247.doubleverify.com/event.png?impid=5913cf0d27e44151b4aaae6d00251630&gdpr=&gdpr_consent=&msrcanlm=714&msrcannum=8&eoid=7&ismms=19&isumms=19&isvelg=1&nvr=2&isbxdms=2119&b0=2365&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2365&sftb=2365&msrdp=8&naral=192&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=18&engscrlms=24&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&cbust=1614403527830456
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:27 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 2/26/2021 5:25:27 AM

POST
H/1.1 200
OK event.png
tps20231.doubleverify.com/ Frame B5D9 67 B
467 B 45ms
44ms Other
image/png 213.254.244.15
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20231.doubleverify.com/event.png?impid=9a6002d400be48509dfe239042f3d611&gdpr=&gdpr_consent=&mascid=klna6c2777jsb65ohpu8o79b1rx8f79s&dvp_masver=991&eoid=9&cbust=1614403529746887
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:28 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 2/26/2021 5:25:29 AM

POST
H/1.1 200
OK event.png
tps20247.doubleverify.com/ Frame A8EA 67 B
445 B 44ms
44ms Other
image/png 213.254.244.12
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20247.doubleverify.com/event.png?impid=5913cf0d27e44151b4aaae6d00251630&gdpr=&gdpr_consent=&mascid=klna6c2777jsb65ohpu8o79b1rx8f79s&dvp_masver=991&eoid=8&cbust=1614403529931297
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:29 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 2/26/2021 5:25:29 AM

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
712 B 141ms
46ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1614258692488.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:33 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.74:80
AN-X-Request-Uuid: decbe131-a800-45f3-bcaa-9f80a4e98173
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thehackernews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 avjp Show response
adpushup-d.openx.net/v/1.0/ 106 B
478 B 133ms
54ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/v/1.0/avjp?ju=https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=0ccceef6-70bf-4b06-ba6b-3391992017e3&nocache=1614403533304&gdpr=1&schain=1.0,1!adpushup.com,aeb138a66c47c1d438a8907993e81712,1,,,&mimes[]=video/mp4&mimes[]=video/webm&minduration=0&maxduration=300&protocols[]=2&protocols[]=3&protocols[]=5&protocols[]=6&api[]=2&playbackmethod=6&linearity=1&auid=541218336&vwd=undefined&vht=undefined&vos=101&vmimes[]=video/mp4&vmimes[]=video/webm
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1614258692488.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:33 GMT
via: 1.1 google
server: OXGW/16.202.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://thehackernews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 avjp Show response
adpushup-d.openx.net/v/1.0/ 106 B
296 B 346ms
267ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/v/1.0/avjp?ju=https://thehackernews.com/2021/02/first-malware-designed-for-apple-m1.html?sc_src=email_2683112&sc_lid=175130773&sc_uid=MPkBbiuqhJ&sc_llid=57951&utm_campaign=2021-02-26+16%3A00%3A00-NL-2021-02-us-sg-sa-il-me-mkto-et-trials&utm_source=email&utm_medium=email&sc_customer=&sc_eh=a1c8cdc4bdce28a61&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=a6481e56-39ab-46f3-bc73-23ce3f930389&nocache=1614403533304&gdpr=1&schain=1.0,1!adpushup.com,aeb138a66c47c1d438a8907993e81712,1,,,&mimes[]=video/mp4&mimes[]=video/webm&minduration=0&maxduration=300&protocols[]=2&protocols[]=3&protocols[]=5&protocols[]=6&api[]=2&playbackmethod=6&linearity=1&auid=541218336&vwd=undefined&vht=undefined&vos=101&vmimes[]=video/mp4&vmimes[]=video/webm
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1614258692488.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:33 GMT
via: 1.1 google
server: OXGW/16.202.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://thehackernews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/211746/0/ 0
274 B 184ms
46ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/211746/0/mvo?z=1r&hbv=3.16.0-pre,2.1
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1614258692488.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://thehackernews.com
Pragma: no-cache
Date: Sat, 27 Feb 2021 05:25:33 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

GET
H2 200 dc_oe=ChMIj7q75KmJ7wIV-MW7CB0EywB2EAAYACDjmv1C;met=1;&timestamp=1614403534850;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ 42 B
498 B 154ms
70ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj7q75KmJ7wIV-MW7CB0EywB2EAAYACDjmv1C;met=1;&timestamp=1614403534850;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehackernews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 05:25:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

pd
u.openx.net/w/1.0/ Frame BDE2
Redirect Chain

https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=

0
0

GET async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 3876 0
0

GET usync.html
eus.rubiconproject.com/ Frame 344A 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=

Domain: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.thehackernews.com/	1970-01-19 17:09:55	Name: __cfduid Value: d9bc5b9e439677b3ce697b968c1f664561614403523

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://c.amazon-adsystem.com/aax2/apstag.js(Line 2) Message: [object Object]
console-api	error	URL: https://c.amazon-adsystem.com/aax2/apstag.js(Line 2) Message: [object Object]
console-api	error	URL: https://c.amazon-adsystem.com/aax2/apstag.js(Line 2) Message: Error: No valid slots provided to apstag.fetchBids

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.doubleclick.net
ade.googlesyndication.com
adpushup-d.openx.net
ajax.cloudflare.com
att.demdex.net
c.amazon-adsystem.com
cdn.adpushup.com
cdn.doubleverify.com
cdn.jsdelivr.net
cdn3.doubleverify.com
cdnjs.cloudflare.com
choices.trustarc.com
choices.truste.com
d.agkn.com
e3.adpushup.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
link.acronis.online
pagead2.googlesyndication.com
rtb0.doubleverify.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tag.1rx.io
thehackernews.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20231.doubleverify.com
tps20247.doubleverify.com
tps20512.doubleverify.com
tps20518.doubleverify.com
u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
acdn.adnxs.com
eus.rubiconproject.com
u.openx.net
13.224.192.34
142.250.185.70
142.250.185.98
142.250.186.34
142.250.74.194
18.195.77.77
185.33.220.244
205.234.175.175
213.19.147.210
213.254.244.12
213.254.244.15
217.175.192.22
23.97.225.52
2606:4700:20::ac43:4615
2606:4700::6810:125e
2606:4700::6810:a823
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::2004
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2003
2a00:1450:400c:c1b::9c
2a02:26f0:6c00:2bd::4469
2a04:4e42:1b::621
34.98.64.218
52.212.209.68
65.9.187.7
99.86.3.68
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0ac82ef6e754c2cc7414f9e5eb7fc731ac2d95e632ab29f28394a5e7ab885f34
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1147957d988493c66a28e622974bcdd2bad53d322fdde9c686ed93cc1574171b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859
1905877fe2e5173b0660cec8119b2a5181deaa7aa5b13cba6cbb5b67ee3b9274
1c186ee5412e228992ce6b29f1451ce3a8906843c57d0c6e17062f493d957297
1d7a1391ed3d30024786bd6a6b03b10fe4ed9a2a636719d430143e55161b4266
1ebad887a7f6076781307895d6c84a7534f5a7d2cdd3b31fd8fc8f049ff3a108
1f45bef99641fc4e62ded1147884150d99bf2993fa7dc513f889bd48cf0aa9bc
2467a9fefa378b8d57d62d9108794bcd476de6ce2cc1ba42ea85200fd73960b3
29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
32c80a55d06b9da550f41424241174895bdbe1dd174ee1d015a4d56747cd2a99
340c7ab919ef73763dba8fb069eff888766892ee21be0023f97908a7e087b7e2
3b69d494b9eeddcb47d238f5b283cdba5b9950d539f38597af73afea100d7412
3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff
40adb937145b21abf0b1dde7dfa4d0a80be21ce7bf7d4f85ca944022a23c6785
436d34cac4b7e1737c57ec8ef04663658c3eeac2e4a6dd9a8157e81c580ae182
46692916c4ed38bcfb441a383fb3e958e5a88be22b82e505a6db06e9d5be6117
47d28a8f2e4d4019f6b6acab6a4852d5432c8aec7cfb2fd3aa21acd392a59827
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5e79651beedc07555c4da72377f0e4644b7e309c665f5b6a906806d6cf452608
633b9a7b81352810adc0d65fd98e1fc4dfcfe77fad4a2b46bfa3b690f64831ed
63be1bc0d7121438a70b91563e021cc1d6dab42d22e93d2569861de6d6c8768e
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1
6d03b66c5ae3f7a8e6c6b71336f44a819a322101d8c71270841fec1c1f412eb8
6eefcba6d0b51a5940e1a3b2fab08f71a653129b41da356a2e9b0c053acf0b16
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
74703b7991fb1785f4a70639c48f071bc9881ef0a0c5671f46d0e985efb55373
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7c6a18b22a83fa93e8c85c67e4adbcdcabee898093e655ea7b5e2257dbe9191d
8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8281f97a76006daca6af61a6520da862a0431fe89315aec52cb3954090a51ea8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85dfa91c770fb65bcac7572380ee5599fba69e3315830cb9a6f177b8287b04e6
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
872b7cf3b24a2e31e46e67d43529278a328f4781beeeef306259dc8c6548a968
89602cb97c44ef298fd36ef415250bd41ace3353d431b0d05fe76ca38a7aafdd
8d6487dc2599772b6ccb8ed3c214aefeddf16e73d868abb94f2223c133af06d0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9e7c07bacee2fbb7e0ed86b9c618631d00003f742a28efb49dc809a166992dda
a08b2468a64f2f705bae432f3ff0070d9c1ae3c8a2b2a1c0c3e8b9e1d62f76ed
a3e7972d50eeb5bc2bf543b00efb4bb60922d7d427067608905bf0aef0a78402
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4b3a2a3d13b57f07aa855cf974c90cad593a53ac0f53cdc58d5f49c91eb2092
a5bdbf72ca0dc72c808c8a8ed5ad142ced6bdf367693fb95cedbb354e12df6a7
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b0e620dfb9137c44268fcf8e2a7585e36b5be03b7cdbc8bfa92eb08352f16767
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2842ab20cc17cb61e32799c8cff642f37a20a933b12f678628b4666c0311f78
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c68598dc07e2b0b2210a69fe0c7776257b7e63468f354a4260bf7c92a9bed148
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690
c7a7551bc2aaaf9eeb663498f403171b8e21b92d5eb99526adc40ff934c8c374
c86b5ad0ceb4383e4266da631079c2d6f5df0d6254fe258489eaa2bb271bc8fd
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d7bc4f16e85842b6cb7d37d0deca1c19076337deed9a719f8ac1618fb62a4bd7
d8173130e3dbf4d0f6bcdc46fba4212aca13b1d2c84f6b49176b6244a479a22a
dcb5a04c97e3d2ed857eec3e85ce1c9d20c738c1936bbb1debe584c73fbaf99f
dd8eb575ecc96f1d57cfb94bbc8ea536a4d54bc9a4d4591b15a66a04709560ef
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea03b7e6fd91c6e179315d87523caf430b5680d9c5a37890fc4eff5bbde184e2
ebb6e22db0d7c272745bb255aecf1709b9f2af3694feeb2fc8febb5115d015c5
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03c3526dd6db1c340c972db0194f8b732611626e1bcde62426d70a68c7a023b
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02
fae504334d677dd7491a1b1ecfdc85703d235ea6ee5fb3c15250e3705e3cef31
fbb2434c34b639134a2ea1f493d5c1b62bc961ebee149918cc57978d6343387c
fe94fcc14c2b9f93c39cbe038796bff0ebc07a140ebd15e66b3a897b6a25bc82
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

thehackernews.com Open in urlscan Pro 2606:4700:20::ac43:4615 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

98 %HTTPS

50 %IPv6

24 Domains

42 Subdomains

35 IPs

7 Countries

1879 kBTransfer

4943 kBSize

1 Cookies

33 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thehackernews.com Open in urlscan Pro
2606:4700:20::ac43:4615 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

98 %
HTTPS

50 %
IPv6

24
Domains

42
Subdomains

35
IPs

7
Countries

1879 kB
Transfer

4943 kB
Size

1
Cookies

129 HTTP transactions
8 data transactions