urlscan.io logo urlscan.io
SecurityTrails logo

thehackernews.com Open in urlscan Pro
172.67.70.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Submission: On September 11 via api from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 6 countries across 32 domains to perform 165 HTTP transactions. The main IP is 172.67.70.21, located in United States and belongs to CLOUDFLARENET, US. The main domain is thehackernews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2021. Valid for: a year.
This is the only time thehackernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 172.67.70.21 13335 (CLOUDFLAR...)
7 184.30.25.225 16625 (AKAMAI-AS)
3 104.18.29.173 13335 (CLOUDFLAR...)
1 69.16.175.42 33438 (HIGHWINDS2)
8 213.254.244.20 36062 (DOUBLE-VE...)
4 23.97.225.52 8075 (MICROSOFT...)
19 142.250.65.194 15169 (GOOGLE)
5 99.84.85.10 16509 (AMAZON-02)
17 142.250.65.238 15169 (GOOGLE)
2 91.228.74.189 16509 (AMAZON-02)
4 142.250.80.66 15169 (GOOGLE)
1 99.84.82.27 16509 (AMAZON-02)
2 178.250.0.157 44788 (ASN-CRITE...)
1 151.101.13.229 54113 (FASTLY)
2 35.244.159.8 15169 (GOOGLE)
2 147.75.38.124 54825 (PACKET)
2 178.250.2.131 44788 (ASN-CRITE...)
2 37.252.172.38 29990 (ASN-APPNEX)
2 104.22.54.206 13335 (CLOUDFLAR...)
4 104.16.68.69 13335 (CLOUDFLAR...)
1 104.16.19.94 13335 (CLOUDFLAR...)
2 142.250.80.78 15169 (GOOGLE)
10 142.250.65.226 15169 (GOOGLE)
1 142.251.4.157 15169 (GOOGLE)
2 142.250.80.34 15169 (GOOGLE)
2 5 142.250.80.68 15169 (GOOGLE)
1 107.22.113.164 14618 (AMAZON-AES)
1 72.251.249.13 29791 (VOXEL-DOT...)
2 35.157.147.162 16509 (AMAZON-02)
1 69.173.144.143 26667 (RUBICONPR...)
1 204.237.133.116 62713 (AS-PUBMATIC)
14 142.250.64.97 15169 (GOOGLE)
1 142.250.65.225 15169 (GOOGLE)
4 142.250.80.10 15169 (GOOGLE)
3 142.250.80.35 15169 (GOOGLE)
2 178.250.0.130 44788 (ASN-CRITE...)
5 142.250.80.97 15169 (GOOGLE)
2 172.217.165.134 15169 (GOOGLE)
2 142.250.80.67 15169 (GOOGLE)
1 76.223.111.131 16509 (AMAZON-02)
165 41
14    172.67.70.21 (United States)

ASN13335 (CLOUDFLARENET, US)
thehackernews.com
7    184.30.25.225 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-225.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
cdn3.doubleverify.com
3    104.18.29.173 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.adpushup.com
1    69.16.175.42 (United States)

ASN33438 (HIGHWINDS2, US)
PTR: tlb.hwcdn.net
code.jquery.com
8    213.254.244.20 (United States)

ASN36062 (DOUBLE-VERIFY, US)
rtb0.doubleverify.com
tps20515.doubleverify.com
tps20520.doubleverify.com
4    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
19    142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
partner.googleadservices.com
adservice.google.de
5    99.84.85.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-85-10.muc50.r.cloudfront.net
c.amazon-adsystem.com
17    142.250.65.238 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f14.1e100.net
fundingchoicesmessages.google.com
2    91.228.74.189 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
4    142.250.80.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
www.googletagservices.com
1    99.84.82.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-82-27.muc50.r.cloudfront.net
rules.quantcount.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    151.101.13.229 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
2    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    104.22.54.206 (None, )

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
4    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
1    104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    142.250.80.78 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f14.1e100.net
www.google-analytics.com
10    142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.251.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: gm-in-f157.1e100.net
stats.g.doubleclick.net
2    142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
adservice.google.com
5    142.250.80.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f4.1e100.net
www.google.com
1    107.22.113.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-113-164.compute-1.amazonaws.com
ads.servenobid.com
1    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    35.157.147.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-147-162.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    204.237.133.116 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
14    142.250.64.97 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.65.225 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f1.1e100.net
f05cb00bbbfe215e93b921c479332c98.safeframe.googlesyndication.com
4    142.250.80.10 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f10.1e100.net
fonts.googleapis.com
3    142.250.80.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f3.1e100.net
www.gstatic.com
2    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    142.250.80.97 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f1.1e100.net
cdn.ampproject.org
2    172.217.165.134 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f6.1e100.net
s0.2mdn.net
2    142.250.80.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f3.1e100.net
fonts.gstatic.com
1    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
25 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
f05cb00bbbfe215e93b921c479332c98.safeframe.googlesyndication.com
369 KB
24 google.com
fundingchoicesmessages.google.com
adservice.google.com
www.google.com
118 KB
18 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
227 KB
15 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
rtb0.doubleverify.com
tps20515.doubleverify.com
tps20520.doubleverify.com
38 KB
14 thehackernews.com
thehackernews.com
258 KB
7 adpushup.com
cdn.adpushup.com
e3.adpushup.com
197 KB
5 ampproject.org
cdn.ampproject.org
102 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
43 KB
5 amazon-adsystem.com
c.amazon-adsystem.com
40 KB
4 googleapis.com
fonts.googleapis.com
3 KB
4 districtm.io
dmx.districtm.io
415 B
4 criteo.com
gum.criteo.com
bidder.criteo.com
1002 B
4 googletagservices.com
www.googletagservices.com
85 KB
3 rubiconproject.com
prebid-server.rubiconproject.com
fastlane.rubiconproject.com
3 KB
2 2mdn.net
s0.2mdn.net
1009 KB
2 criteo.net
static.criteo.net
54 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 connectad.io
i.connectad.io
848 B
2 adnxs.com
ib.adnxs.com
7 KB
2 a-mo.net
prebid.a-mo.net
215 B
2 openx.net
adpushup-d.openx.net
915 B
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
1 adsrvr.org
match.adsrvr.org
545 B
1 google.de
adservice.google.de
853 B
1 pubmatic.com
hbopenbid.pubmatic.com
117 B
1 lijit.com
ap.lijit.com
635 B
1 servenobid.com
ads.servenobid.com
1 KB
1 googleadservices.com
partner.googleadservices.com
404 B
1 cloudflare.com
cdnjs.cloudflare.com
28 KB
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 quantcount.com
rules.quantcount.com
345 B
1 jquery.com
code.jquery.com
29 KB
165 32
Domain Requested by
17 fundingchoicesmessages.google.com cdn.adpushup.com
14 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
thehackernews.com
14 thehackernews.com thehackernews.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
thehackernews.com
10 pagead2.googlesyndication.com thehackernews.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
6 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
thehackernews.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.google.com 2 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
thehackernews.com
5 c.amazon-adsystem.com cdn.adpushup.com
c.amazon-adsystem.com
5 cdn.doubleverify.com thehackernews.com
cdn.doubleverify.com
4 fonts.googleapis.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
4 dmx.districtm.io cdn.adpushup.com
4 www.googletagservices.com cdn.doubleverify.com
www.googletagservices.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 e3.adpushup.com cdn.adpushup.com
thehackernews.com
3 www.gstatic.com googleads.g.doubleclick.net
3 tps20520.doubleverify.com cdn.doubleverify.com
3 tps20515.doubleverify.com cdn.doubleverify.com
3 cdn.adpushup.com thehackernews.com
cdn.adpushup.com
2 fonts.gstatic.com fonts.googleapis.com
2 s0.2mdn.net thehackernews.com
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 www.google-analytics.com thehackernews.com
www.google-analytics.com
2 i.connectad.io cdn.adpushup.com
2 ib.adnxs.com cdn.adpushup.com
2 bidder.criteo.com cdn.adpushup.com
2 prebid.a-mo.net cdn.adpushup.com
2 adpushup-d.openx.net cdn.adpushup.com
2 gum.criteo.com cdn.adpushup.com
2 rtb0.doubleverify.com cdn.doubleverify.com
2 cdn3.doubleverify.com cdn.doubleverify.com
1 match.adsrvr.org cdn.adpushup.com
1 f05cb00bbbfe215e93b921c479332c98.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 hbopenbid.pubmatic.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 ap.lijit.com cdn.adpushup.com
1 ads.servenobid.com cdn.adpushup.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdnjs.cloudflare.com thehackernews.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 pixel.quantserve.com thehackernews.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cdn.adpushup.com
1 code.jquery.com cdn.adpushup.com
165 47

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com
Subject Issuer Validity Valid
thehackernews.com
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-22 -
2022-06-21		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.adpushup.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-27 -
2022-08-29		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh

This page contains 16 frames:

Primary Page: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Frame ID: 63290DC6670F39B1742CE4146B3A3A13
Requests: 135 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 14D6F0FC10E676C6834C8E136C8194E0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: AED98D3AD04F783415A34EE6A2C13248
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 429B692543C8D1C1F183A3D31A15B3AF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 3BAB9CF94AD542F3B7DF02F5F84BA619
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: 2CE4AA8ADA7C4A363E693C71258B0A5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
Frame ID: 9FD325AAA4E7A9DE006E18BD6DCA04C4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1631310884&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502579&bpp=1&bdt=2281&idt=410&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=4107475632101&frm=20&pv=1&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=416
Frame ID: BC9117A79778F09D5DF075B19540161F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8159833A0370D03976F32645C06087CA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 116F37E409595B509A3C44E2146F9FE6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: BE790E80EA9B82BCB6162808C13061AD
Requests: 2 HTTP requests in this frame

Frame: https://f05cb00bbbfe215e93b921c479332c98.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 746DE0BB2E4411CC97D7AA4DE521A785
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8EA2700130521AB7E9DACC3811C90BCC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Frame ID: 95AD4045507C3EA00E2E63F8E09B843C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 647926E01E366CD7CD78AB8AB8FFBFC1
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/pagead/drt/ui
Frame ID: EA838D33ADA520459E35FDEE5890542D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

165
Requests

98 %
HTTPS

0 %
IPv6

32
Domains

47
Subdomains

41
IPs

6
Countries

2656 kB
Transfer

5304 kB
Size

39
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 132
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 171
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

165 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sova-new-android-banking-trojan-emerges.html
thehackernews.com/2021/09/ 		110 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordPress VIP
Resource Hash
eb9c848ec9da18d752c1860659a158b81fa29012bc255c09b684d19707fcbf14
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
thehackernews.com
:scheme
https
:path
/2021/09/sova-new-android-banking-trojan-emerges.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 11 Sep 2021 05:18:20 GMT
content-type
text/html; charset=UTF-8
cf-ray
68ce6f4e9e76f9da-PRG
cache-control
private, max-age=0
expires
Sat, 11 Sep 2021 05:18:20 GMT
last-modified
Fri, 10 Sep 2021 21:54:44 GMT
link
</css/roboto.css>; as=style; rel=preload
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-security-policy
upgrade-insecure-requests
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
x-forwarded-for
216.131.114.198
x-frame-options
DENY
x-powered-by
WordPress VIP
x-xss-protection
1; mode=block
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8j1x8zc0AsFzbtVa3IwUAuWdKHKp6MW%2BTVmJH%2F0RNzlUx2Mtqm5%2FYHlsy4U20t0NY%2FygogqS%2FbwvElXeDJgH0FFP90f%2FBfcw%2FNaxR7GungrLSuJ6z%2BdDUp8Jaj41yeGDb2K"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-h2-pushed
</css/roboto.css>
roboto.css
thehackernews.com/css/ 		77 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehackernews.com/css/roboto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCtUYPLnFVrhakVlqpJp9y0IMG2mmbrwFdziWOCZNwZ2GfrbiTVpyuOaLoTP8sLSUNxtJuQa49AmmJvCLCDTwqigYB%2BTO6cQJJ5Sk91zciiFNT0IIXYR8yl2mjF4t9PZ4Fkq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, immutable
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
68ce6f50b836f9da-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
android-malware-1.jpg
thehackernews.com/images/-W2blSDXURgk/YTsbIAWTS7I/AAAAAAAADxI/7hxZF-p-ra0-maPi0TfloouSBXddukoNACLcBGAsYHQ/s0/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/images/-W2blSDXURgk/YTsbIAWTS7I/AAAAAAAADxI/7hxZF-p-ra0-maPi0TfloouSBXddukoNACLcBGAsYHQ/s0/android-malware-1.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
877b00a77d87000d3a8fea6daa60acd48a256484cff1ff34ef1edfd728bd1ad8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/-W2blSDXURgk/YTsbIAWTS7I/AAAAAAAADxI/7hxZF-p-ra0-maPi0TfloouSBXddukoNACLcBGAsYHQ/s0/android-malware-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thehackernews.com
referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45295
cf-polished
origSize=23542, status=webp_bigger
content-disposition
inline;filename="android-malware-1.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21773
x-xss-protection
0
expires
Sat, 11 Sep 2021 10:26:56 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"vf13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ9UN6grHxc5vLN5NkZhI2OLOncYYq4JpY0H%2FQAfcAHXvyhCc4lJJc8bvgjQuA1nm4FU%2F6KFwIHCagj3i3eB0%2B79%2FD0zyC9sjO2wvik5zjt585eY7SurrCGsE8nE8Co5ioIG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable
accept-ranges
bytes
cf-ray
68ce6f510860f9da-PRG
access-control-expose-headers
Content-Length
malware-app.jpg
thehackernews.com/images/-OpfM75-keKg/YTsbvVURYLI/AAAAAAAADxQ/m2YBotMS_hk824RtCSlhkJJHvhaP6C94wCLcBGAsYHQ/s0/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/images/-OpfM75-keKg/YTsbvVURYLI/AAAAAAAADxQ/m2YBotMS_hk824RtCSlhkJJHvhaP6C94wCLcBGAsYHQ/s0/malware-app.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
819cca72414b7b4684b4e7f9f00d357aa8b52dc794531c421f87ee3face16808
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/-OpfM75-keKg/YTsbvVURYLI/AAAAAAAADxQ/m2YBotMS_hk824RtCSlhkJJHvhaP6C94wCLcBGAsYHQ/s0/malware-app.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thehackernews.com
referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67853
cf-polished
origSize=42050, status=webp_bigger
content-disposition
inline;filename="malware-app.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40628
x-xss-protection
0
expires
Sat, 11 Sep 2021 10:27:27 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"vf15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apEWXnumImkncpq8R6Rp0qb6kNAlAAyWx%2BiDCUczOpfEabNjPmC5s%2FdWNI%2F2JSS9TymEm4H4G21PDx6Ve1hrcrn8yNaHUwQ6OwX5nGsj1PGLq6XeUlE8WOx8nNED%2B7YyvtsB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable
accept-ranges
bytes
cf-ray
68ce6f51385b4137-PRG
access-control-expose-headers
Content-Length
android-malware.jpg
thehackernews.com/images/-Vg1h9GA3y0c/YTsawk0gvlI/AAAAAAAADxA/TsILchAlPGYMhmXI7fU2wcXSti5n0tkbQCLcBGAsYHQ/s0/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/images/-Vg1h9GA3y0c/YTsawk0gvlI/AAAAAAAADxA/TsILchAlPGYMhmXI7fU2wcXSti5n0tkbQCLcBGAsYHQ/s0/android-malware.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a9c0b68251513288e324516fc86ffc96401a3597c6b0586c02203492b3bc15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/-Vg1h9GA3y0c/YTsawk0gvlI/AAAAAAAADxA/TsILchAlPGYMhmXI7fU2wcXSti5n0tkbQCLcBGAsYHQ/s0/android-malware.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thehackernews.com
referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23707
content-disposition
inline;filename="android-malware.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29274
x-xss-protection
0
expires
Sat, 11 Sep 2021 10:27:27 GMT
server
cloudflare
etag
"vf11"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FGPkjuQyQylEfS%2BJhpeiIIp4hcrQ9P53wceq1dNzae7z6p9AMYWnv3p9wUeMhzZmJp%2BR2b8DQvzSYRPTw0iHDZxKufsSjzxmgNxoimyvHHUj2JjgQIhf6Zj%2FKQOPGb%2Bq7jv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable
accept-ranges
bytes
cf-ray
68ce6f51385c4137-PRG
access-control-expose-headers
Content-Length
dvbs_src.js
cdn.doubleverify.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292581945%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.225 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-225.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 11 Sep 2021 05:18:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:25 GMT
Server
Microsoft-IIS/10.0
ETag
"e6262781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvbs_src.js
cdn.doubleverify.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292704445%26sid%3D5936378%26dvregion%3D2%26unit%3D728x90
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.225 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-225.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 11 Sep 2021 05:18:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:25 GMT
Server
Microsoft-IIS/10.0
ETag
"e6262781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
rocket-loader.min.js
thehackernews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehackernews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
thehackernews.com
referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
last-modified
Tue, 07 Sep 2021 12:26:08 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"61375a60-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SznRr50mWMPwsZFn1d0faVcj2ervSuLfMvS0UVPGFGxzQyESpo1Xt%2BmHBWvDy2Ohf3xFXpFuA7JO3RnAprUXN3lxVllxNZdAp2oXvuxYLaD9k%2B2r6G1mTR1QE4uWgvj3nOqC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
68ce6f51385e4137-PRG
expires
Mon, 13 Sep 2021 05:18:20 GMT
adpushup.js
cdn.adpushup.com/37020/ 		370 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/37020/adpushup.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50af20ac38d336624a3b390f95128c0f07ad47715798b12eba2e5deffcc4ffa4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Aug 2021 11:45:17 GMT
server
cloudflare
age
406849
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-cf-geodata
CZ
cf-ray
68ce6f51f9094137-PRG
expires
Sat, 11 Sep 2021 09:18:20 GMT
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a

Request headers

Referer
Origin
https://thehackernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		442 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:20 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2016 17:52:17 GMT
server
nginx
etag
W/"56eaeed1-14e98"
vary
Accept-Encoding
x-hw
1631337500.dop211.fr8.t,1631337500.cds292.fr8.hn,1631337500.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
dvbs_src_internal99.js
cdn.doubleverify.com/ 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292581945%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.225 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-225.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 11 Sep 2021 05:18:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:42 GMT
Server
Microsoft-IIS/10.0
ETag
"08bf9811a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
bst2tv3.html
cdn3.doubleverify.com/ Frame 14D6 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.225 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-225.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thehackernews.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=23181
Date
Sat, 11 Sep 2021 05:18:20 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_789983608502&jsTagObjCallback=__tagObject_callback_789983608502&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=789983608502&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=92&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=34&fec=385&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTauD%40G2%5C%3F6H%5C2%3F5C%40%3A5%5C32%3F%3C%3A%3F8%5CEC%40%3B2%3F%5C6%3E6C86D%5D9E%3E%3D&dvp_exetime=10.40&callbackName=__verify_callback_789983608502
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
0bf957d5426fd541fb253c545ec4d8a9b9a8d06b2d9541d71407582da6921338

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
X-DV-Response
0
Content-Encoding
gzip
Date
Sat, 11 Sep 2021 05:18:19 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
9/10/2021 5:18:20 AM
dv-match6.js
cdn.doubleverify.com/ Frame AED9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.225 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-225.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 11 Sep 2021 05:18:20 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=26707
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
pb.37020.1630192405005.js
cdn.adpushup.com/prebid/ 		318 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8301ecbaea6924afc70648d6bb74bba76e3761422bd49e1fc12d02f434a4cfce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Aug 2021 23:14:03 GMT
server
cloudflare
age
919488
etag
W/"612ac33b-4f73f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
68ce6f538aac4137-PRG
expires
Sun, 11 Sep 2022 05:18:20 GMT
a87f2819-2dae-493f-a8ce-261b3608dedd
https://thehackernews.com/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://thehackernews.com/a87f2819-2dae-493f-a8ce-261b3608dedd
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
3743
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
346 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
cloudflare
age
83845
etag
W/"60d94cdb-1c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
68ce6f53fb094137-PRG
expires
Sat, 11 Sep 2021 09:18:20 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
320 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:20 GMT
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
2bb20b6f1fa70fd76060fede485c9e7e9a7fc76b26662d6294f42df8ebef6d15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"983 / 86 of 1000 / last-modified: 1631311793"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25077
x-xss-protection
0
expires
Sat, 11 Sep 2021 05:18:21 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.85.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-85-10.muc50.r.cloudfront.net
Software
Server /
Resource Hash
0ef8c06f838a4694022779182d58f23f4e5f101c43c31e146770b1d8afe79aa1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
r.QTuNPZAS6Ka9r._Ps3aOR9lC_U51he
content-encoding
gzip
etag
9bf0f0094df072113f60b73240a38f8f
age
789
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1ZKVXVXJXKJN6S55BE7F
date
Sat, 11 Sep 2021 05:05:11 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 37e2872b8b14122ba8fe3a34c3bb506b.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
MUC50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
3U8wLnhVFblIipbBP7PC8bfgt9BWmCu99EKs8FVF4yiGiC07zwwntQ==
AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
fundingchoicesmessages.google.com/f/ 		93 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
94e98a0f4b5808542f3712b65a83cbac3cbe04aceacdcdc012bcf06b36b070a4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x0VHppwNFi8XYG5RhyS12A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-x0VHppwNFi8XYG5RhyS12A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-x0VHppwNFi8XYG5RhyS12A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-x0VHppwNFi8XYG5RhyS12A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:20 GMT
content-encoding
gzip
etag
"lp772EpWKwf8Kq7YKMhbuw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sat, 18 Sep 2021 05:18:20 GMT
bsevent.gif
tps20515.doubleverify.com/ 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20515.doubleverify.com/bsevent.gif?impid=8f5d3409120a4c3f8b5e7a1d36e2c91e&dvp_or2=1&cbust=1631337500911872
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 11 Sep 2021 05:18:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
9/10/2021 5:18:21 AM
bsevent.gif
tps20515.doubleverify.com/ 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20515.doubleverify.com/bsevent.gif?impid=8f5d3409120a4c3f8b5e7a1d36e2c91e&vfdur=276&cbust=1631337500912181
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 11 Sep 2021 05:18:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
9/10/2021 5:18:21 AM
dcmads.js
www.googletagservices.com/dcm/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
37bfceb04cc7a18df0c1da8269c382b3b088e870ab39a0987ae17a54589b2dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 11 Sep 2021 04:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4105
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 13:52:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 11 Sep 2021 05:49:40 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		2 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-27.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 04:50:12 GMT
via
1.1 af3abf09293a5c762de5e451f8d6a913.cloudfront.net (CloudFront)
server
AmazonS3
age
1688
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
MUC50-C1
content-length
2
x-amz-cf-id
spzJWARkPTihb-rkgiYC0_yuVgSXd3Yw1OgWQRM8JBkiMO9Otsvmtg==
config
c.amazon-adsystem.com/cdn/prod/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.85.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-85-10.muc50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 11:39:26 GMT
via
1.1 37e2872b8b14122ba8fe3a34c3bb506b.cloudfront.net (CloudFront)
server
Server
age
63534
x-cache
Hit from cloudfront
access-control-allow-origin
https://thehackernews.com
cache-control
max-age=64750, s-maxage=64800
access-control-allow-credentials
true
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
-Qie19_NEIxDLVc4jsoBMmX03enp-mIH5hoRDceUK6JzzKzUBWB3tQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.85.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-85-10.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
26962
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
date
Fri, 10 Sep 2021 22:33:42 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 89a45b9ac94fb6c6e52c37fdd89a6cb1.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
LsYx0XrrSyFdDMTFNz1zveBZ5WVtThDyHLeJh0_SN6O78GXZKn4leQ==
pixel;r=2076857403;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html;uh=78e1d296268e;uht=2;fpan=1;fpa=P0-646688519-1631337501102;...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2076857403;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html;uh=78e1d296268e;uht=2;fpan=1;fpa=P0-646688519-1631337501102;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=thehackernews.com;je=0;sr=1600x1200x24;dst=0;et=1631337501101;tzo=0;ogl=site_name.The%20Hacker%20News%2Clocale.en_US%2Ctype.article%2Ctitle.SOVA%3A%20New%20Android%20Banking%20Trojan%20Emerges%20With%20Growing%20Capabilities%2Cimage.https%3A%2F%2Fthehackernews%252Ecom%2Fimages%2F-W2blSDXURgk%2FYTsbIAWTS7I%2FAAAAAAAADxI%2F7hxZF-p-ra%2Cdescription.Researchers%20discover%20a%20new%20Android%20banking%20Trojan%20with%20increasing%20capabilities%2Curl.https%3A%2F%2Fthehackernews%252Ecom%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges%252Ehtml
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
impl_v78.js
www.googletagservices.com/dcm/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v78.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 11 Sep 2021 01:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15595
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 17:50:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 01:49:40 GMT
pubads_impl_2021090701.js
securepubads.g.doubleclick.net/gpt/ 		333 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
ac8d2f2be577b89fdbd26a497ece0c0bc127dd2ed5676119e0055b62e4daf48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Sep 2021 08:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119497
x-xss-protection
0
expires
Sat, 11 Sep 2021 05:18:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		143 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thehackernews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
3e2662d2cc5114073ccdc2611e908b3b51990027b5cbb651c69954274e2123db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 05:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Sat, 11 Sep 2021 05:18:21 GMT
AGSKWxWUQHFmk3kD8AsnlXGu_ovIuEQW63QjzY1ZbRDLISyy2P_gcdO9lDWzwnjF1loSzXASnD21Wu-Qtqsm4uQdRJA=
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWUQHFmk3kD8AsnlXGu_ovIuEQW63QjzY1ZbRDLISyy2P_gcdO9lDWzwnjF1loSzXASnD21Wu-Qtqsm4uQdRJA=?pvid=417132D4-1018-4977-B05C-6ADE8DBCB639&anonid=4870569B-257E-4A66-AFF4-CFC4306624B7
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.KiQvK_SNewk.es5.O/d=1/rs=AJlcJMwllTyluRqLaHXDUePiis_3uxG8Cw/m=loader_js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1MF54bU03QpNdyFXFOgmKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1MF54bU03QpNdyFXFOgmKw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-1MF54bU03QpNdyFXFOgmKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1MF54bU03QpNdyFXFOgmKw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWUQHFmk3kD8AsnlXGu_ovIuEQW63QjzY1ZbRDLISyy2P_gcdO9lDWzwnjF1loSzXASnD21Wu-Qtqsm4uQdRJA=
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWUQHFmk3kD8AsnlXGu_ovIuEQW63QjzY1ZbRDLISyy2P_gcdO9lDWzwnjF1loSzXASnD21Wu-Qtqsm4uQdRJA=?pvid=417132D4-1018-4977-B05C-6ADE8DBCB639&anonid=4870569B-257E-4A66-AFF4-CFC4306624B7
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.KiQvK_SNewk.es5.O/d=1/rs=AJlcJMwllTyluRqLaHXDUePiis_3uxG8Cw/m=loader_js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hWw7imlFWXwF6W6Oa2w77Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-hWw7imlFWXwF6W6Oa2w77Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-hWw7imlFWXwF6W6Oa2w77Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-hWw7imlFWXwF6W6Oa2w77Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWUQHFmk3kD8AsnlXGu_ovIuEQW63QjzY1ZbRDLISyy2P_gcdO9lDWzwnjF1loSzXASnD21Wu-Qtqsm4uQdRJA=
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWUQHFmk3kD8AsnlXGu_ovIuEQW63QjzY1ZbRDLISyy2P_gcdO9lDWzwnjF1loSzXASnD21Wu-Qtqsm4uQdRJA=?pvid=417132D4-1018-4977-B05C-6ADE8DBCB639&anonid=4870569B-257E-4A66-AFF4-CFC4306624B7
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.KiQvK_SNewk.es5.O/d=1/rs=AJlcJMwllTyluRqLaHXDUePiis_3uxG8Cw/m=loader_js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-N/3/BsfVF41YF+OjkTHRyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-N/3/BsfVF41YF+OjkTHRyw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-N/3/BsfVF41YF+OjkTHRyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-N/3/BsfVF41YF+OjkTHRyw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWRnisNNWx-LAbKToAB-k--uRgwRzNtC-Z0hJITHpEk8geoKHUBnaWcMlcA_0bzqCmbjHZUnkcKjIuLueslMG8=
fundingchoicesmessages.google.com/f/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWRnisNNWx-LAbKToAB-k--uRgwRzNtC-Z0hJITHpEk8geoKHUBnaWcMlcA_0bzqCmbjHZUnkcKjIuLueslMG8=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMxMzM3NTAxLDQwNzAwMDAwMF0sIjQxNzEzMkQ0LTEwMTgtNDk3Ny1CMDVDLTZBREU4REJDQjYzOSIsIjQ4NzA1NjlCLTI1N0UtNEE2Ni1BRkY0LUNGQzQzMDY2MjRCNyIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3RoZWhhY2tlcm5ld3MuY29tLzIwMjEvMDkvc292YS1uZXctYW5kcm9pZC1iYW5raW5nLXRyb2phbi1lbWVyZ2VzLmh0bWwiXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.KiQvK_SNewk.es5.O/d=1/rs=AJlcJMwllTyluRqLaHXDUePiis_3uxG8Cw/m=loader_js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
55fbc547fefa8c036592c8ab30b1e4b7ba3917c41aa96ea1ca2606521eb57295
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SCJPGuyfkoYBIrCBOKTyMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-SCJPGuyfkoYBIrCBOKTyMg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-SCJPGuyfkoYBIrCBOKTyMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-SCJPGuyfkoYBIrCBOKTyMg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MzEzMzc1MDE0MDgsInBhY2tldElkIjoiMDAwMDkwOUMtYTEwNTc0ODEtNmExZS00YTc2LThiMWYtZjc2MWQzMDAxN2MyIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzA5L3NvdmEtbmV3LWFuZHJvaWQtYmFua2luZy10cm9qYW4tZW1lcmdlcy5odG1sIiwibW9kZSI6MiwiZXJyb3JDb2RlIjo3LCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:20 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eae76cb616003cb3e918dfd9f58d63cc8e832aa9d11a9eda64b1476af57e746a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/jpeg
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MzEzMzc1MDE0MTIsInBhY2tldElkIjoiMDAwMDkwOUMtYTEwNTc0ODEtNmExZS00YTc2LThiMWYtZjc2MWQzMDAxN2MyIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzA5L3NvdmEtbmV3LWFuZHJvaWQtYmFua2luZy10cm9qYW4tZW1lcmdlcy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijk2N2VjZmFkLWJmNmItNDI5ZS05YTM5LTk3NzBjOGI3ZDE4OCIsInNlY3Rpb25OYW1lIjoiQVBfVF9SX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV85NjdlYyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfMzcwMjBfcmVzcG9uc2l2ZVhyZXNwb25zaXZlXzk2N2VjZmFkLWJmNmItNDI5ZS05YTM5LTk3NzBjOGI3ZDE4OCIsInNlcnZpY2VzIjpbMiwzXSwiYWRVbml0VHlwZSI6MX1dfQ==
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:20 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MzEzMzc1MDE0MTYsInBhY2tldElkIjoiMDAwMDkwOUMtYTEwNTc0ODEtNmExZS00YTc2LThiMWYtZjc2MWQzMDAxN2MyIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzA5L3NvdmEtbmV3LWFuZHJvaWQtYmFua2luZy10cm9qYW4tZW1lcmdlcy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjhjMmQ3Zjk0LWE5YzUtNDNiMi04M2E0LWNkY2Y3MTFhZTA1ZSIsInNlY3Rpb25OYW1lIjoiQVBfVF9SX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV84YzJkNyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfMzcwMjBfcmVzcG9uc2l2ZVhyZXNwb25zaXZlXzhjMmQ3Zjk0LWE5YzUtNDNiMi04M2E0LWNkY2Y3MTFhZTA1ZSIsInNlcnZpY2VzIjpbMiwzXSwiYWRVbml0VHlwZSI6MX1dfQ==
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:20 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&pid=khcdXAxUJYRpa&cb=0&ws=1600x1200&v=7.69.00&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22730x290%22%2C%22728x280%22%2C%22728x250%22%2C%22728x90%22%2C%22690x90%22%2C%22690x250%22%2C%22690x280%22%2C%22675x90%22%2C%22675x280%22%2C%22675x250%22%2C%22670x90%22%2C%22670x280%22%2C%22670x250%22%2C%22650x90%22%2C%22650x280%22%2C%22650x250%22%2C%22650x150%22%2C%22630x90%22%2C%22630x280%22%2C%22630x250%22%2C%22602x100%22%2C%22600x90%22%2C%22600x280%22%2C%22600x250%22%2C%22580x90%22%2C%22570x90%22%2C%22550x150%22%2C%22468x60%22%2C%22336x280%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055424785%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22730x290%22%2C%22728x280%22%2C%22728x250%22%2C%22728x90%22%2C%22690x90%22%2C%22690x250%22%2C%22690x280%22%2C%22675x90%22%2C%22675x280%22%2C%22675x250%22%2C%22670x90%22%2C%22670x280%22%2C%22670x250%22%2C%22650x90%22%2C%22650x280%22%2C%22650x250%22%2C%22650x150%22%2C%22630x90%22%2C%22630x280%22%2C%22630x250%22%2C%22602x100%22%2C%22600x90%22%2C%22600x280%22%2C%22600x250%22%2C%22580x90%22%2C%22570x90%22%2C%22550x150%22%2C%22468x60%22%2C%22336x280%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055889203%22%7D%5D&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.85.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-85-10.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
via
1.1 37e2872b8b14122ba8fe3a34c3bb506b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thehackernews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
4ohbnRd02oSRC0xPZTvutzfRzZhyOGDB7hwnWPTa4oXm__pccjjLFw==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&lsw=1
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://thehackernews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://thehackernews.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1546
date
Sat, 11 Sep 2021 05:18:21 GMT
content-encoding
gzip
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210911
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.229 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5602d71c48b45b84797e0836f6f957388fbd2368ad953b380631f4a5563a453a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
6669
x-jsd-version
1.0.1096
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
952
etag
W/"69c-SJl1h+qOhvAqbL4T5pLjKUGe8sk"
x-served-by
cache-fra19129-FRA
x-jsd-version-type
version
date
Sat, 11 Sep 2021 05:18:21 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
json
gum.criteo.com/sid/ 		342 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6e56358743aa409702be6cbfad0ff4d3e4b829174a0ff4feba89924ac7afed1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 11 Sep 2021 05:18:21 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2469
expires
0
arj
adpushup-d.openx.net/w/1.0/ 		172 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c2469d49-80a7-4e33-b84c-ea7938405661%2C5c1af49a-ebf1-4675-950d-ffb4a4994fbd&nocache=1631337501493&gdpr=0&pubcid=b648624f-e21c-4d28-948f-cb99c68cff07&quantcastid=P0-646688519-1631337501102&schain=1.0%2C1!adpushup.com%2Caeb138a66c47c1d438a8907993e81712%2C1%2C%2C%2C&aus=730x290%2C728x280%2C728x250%2C728x90%2C690x90%2C690x250%2C690x280%2C675x90%2C675x280%2C675x250%2C670x90%2C670x280%2C670x250%2C650x90%2C650x280%2C650x250%2C650x150%2C630x90%2C630x280%2C630x250%2C602x100%2C600x90%2C600x280%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C336x280%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C730x290%2C728x280%2C728x250%2C728x90%2C690x90%2C690x250%2C690x280%2C675x90%2C675x280%2C675x250%2C670x90%2C670x280%2C670x250%2C650x90%2C650x280%2C650x250%2C650x150%2C630x90%2C630x280%2C630x250%2C602x100%2C600x90%2C600x280%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C336x280%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200&divids=ADP_37020_responsivexresponsive_00000001-76001b10-d2b4-42f6-aba3-93f9ffa74f50%2CADP_37020_responsivexresponsive_00000001-d60bf4f0-5895-4d44-a646-830003683186&aucs=%2C&auid=541218336%2C541218336
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.215.0 /
Resource Hash
b0e0c47bb6d6b45757c3368699ba8473bfe7824bcdfcd232916e66530a5ac17f

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:21 GMT
content-encoding
gzip
server
OXGW/16.215.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://thehackernews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sat, 11 Sep 2021 05:18:21 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://thehackernews.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
cdb
bidder.criteo.com/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=64879600516
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehackernews.com
date
Sat, 11 Sep 2021 05:18:21 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		262 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b6cb266d2584ba20b179b93155cf3788d2b1f3ce0303e7fc9e4bb78506fbc918
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 11 Sep 2021 05:18:21 GMT
X-Proxy-Origin
216.131.114.198; 216.131.114.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
26eec50e-292e-408b-942f-2a6d858fd3b0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
262
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
i.connectad.io/api/ 		0
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.54.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
68ce6f5aeaf827bc-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
v1
dmx.districtm.io/b/ 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://thehackernews.com
access-control-allow-credentials
true
cf-ray
68ce6f5adb9e411a-PRG
access-control-allow-headers
Content-Type, Origin
v1
dmx.districtm.io/b/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://thehackernews.com
access-control-allow-credentials
true
cf-ray
68ce6f5adba0411a-PRG
access-control-allow-headers
Content-Type, Origin
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		103 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
bst2tv3.html
cdn3.doubleverify.com/ Frame 429B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.225 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-225.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thehackernews.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=23180
Date
Sat, 11 Sep 2021 05:18:21 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ 		1 KB
866 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_634365260878&jsTagObjCallback=__tagObject_callback_634365260878&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=634365260878&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=92&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=8&brh=2&fwc=0&fcl=197&flt=34&fec=488&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTauD%40G2%5C%3F6H%5C2%3F5C%40%3A5%5C32%3F%3C%3A%3F8%5CEC%40%3B2%3F%5C6%3E6C86D%5D9E%3E%3D&dvp_exetime=10.40&callbackName=__verify_callback_634365260878
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
c85aeb5ee1085ab01b9a39284ba7e65c2d9b53f805442e636dc5923fb6b34f76

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
X-DV-Response
0
Content-Encoding
gzip
Date
Sat, 11 Sep 2021 05:18:21 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
9/10/2021 5:18:21 AM
dv-match6.js
cdn.doubleverify.com/ Frame 3BAB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.225 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-225.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 11 Sep 2021 05:18:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=26706
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
bsevent.gif
tps20520.doubleverify.com/ 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20520.doubleverify.com/bsevent.gif?impid=3937e746682c4af8a69d6017cd076a82&vfdur=276&cbust=1631337501609934
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 11 Sep 2021 05:18:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
9/10/2021 5:18:21 AM
bsevent.gif
tps20520.doubleverify.com/ 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20520.doubleverify.com/bsevent.gif?impid=3937e746682c4af8a69d6017cd076a82&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1631337501622999
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 11 Sep 2021 05:18:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
9/10/2021 5:18:21 AM
bsevent.gif
tps20520.doubleverify.com/ 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20520.doubleverify.com/bsevent.gif?impid=3937e746682c4af8a69d6017cd076a82&dvp_or2=1&cbust=1631337501622881
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 11 Sep 2021 05:18:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
9/10/2021 5:18:21 AM
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
protonmail.jpg
thehackernews.com/images/-NeY3pjiuKxc/YTYGd_g3zTI/AAAAAAAADvc/ilR3DaEZuW4ef56NUqHqE120xgMnE2aBQCLcBGAsYHQ/w72-h72-p-k-no-nu/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/images/-NeY3pjiuKxc/YTYGd_g3zTI/AAAAAAAADvc/ilR3DaEZuW4ef56NUqHqE120xgMnE2aBQCLcBGAsYHQ/w72-h72-p-k-no-nu/protonmail.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee6ce9e6026aab897e6a28be76318a9434c63b425ae8ea7d6fb4d0541a30348
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/-NeY3pjiuKxc/YTYGd_g3zTI/AAAAAAAADvc/ilR3DaEZuW4ef56NUqHqE120xgMnE2aBQCLcBGAsYHQ/w72-h72-p-k-no-nu/protonmail.jpg
pragma
no-cache
cookie
__qca=P0-646688519-1631337501102; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631337501391]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=b648624f-e21c-4d28-948f-cb99c68cff07
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thehackernews.com
referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
121432
cf-polished
origFmt=jpeg, origSize=3283
content-disposition
inline; filename="protonmail.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2776
x-xss-protection
0
expires
Tue, 07 Sep 2021 19:58:59 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"vef8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGqF6pL7wbDuvBVpy2VjWTRsJ6UVPDuJ3azrotU1fvQD2NzTPeNsZ5hOpq6xtUNaVREwDcp73IjjghGiOtnGX2Y6eWMdFrp6nK1OUbvsvf01oA2Tjg3Z0W8t2BpAlUX3pnUA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=8640000, immutable
accept-ranges
bytes
cf-ray
68ce6f594fe14137-PRG
access-control-expose-headers
Content-Length
microsoft-office-hack.jpg
thehackernews.com/images/-KnvkhCvOrtg/YTgvMst2aSI/AAAAAAAADvs/ibzrIC7hu6wR3f2vrtI3U2rW7SVg6UbKQCLcBGAsYHQ/w72-h72-p-k-no-nu/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/images/-KnvkhCvOrtg/YTgvMst2aSI/AAAAAAAADvs/ibzrIC7hu6wR3f2vrtI3U2rW7SVg6UbKQCLcBGAsYHQ/w72-h72-p-k-no-nu/microsoft-office-hack.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c9b18745caf04dd75236c06f5b262a2c50ff99106797776eacbb905f0e95b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/-KnvkhCvOrtg/YTgvMst2aSI/AAAAAAAADvs/ibzrIC7hu6wR3f2vrtI3U2rW7SVg6UbKQCLcBGAsYHQ/w72-h72-p-k-no-nu/microsoft-office-hack.jpg
pragma
no-cache
cookie
__qca=P0-646688519-1631337501102; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631337501391]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=b648624f-e21c-4d28-948f-cb99c68cff07
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thehackernews.com
referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24791
cf-polished
status=not_needed
content-disposition
inline;filename="microsoft-office-hack.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3169
x-xss-protection
0
expires
Thu, 09 Sep 2021 13:41:20 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"vefc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFFkdBI2hvnB5eAClB6iEJ1UkmSRI4XR5N7rUpoteRZyFmhGYF6fPXYcOCJRBtslpk%2BOHJtB1pI%2FfC8eKHO2%2F%2FXWrHknF2LwmXMffiIkqNMCyxVy43yMZwzVEKdPB1E3eLg%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable
accept-ranges
bytes
cf-ray
68ce6f594fe24137-PRG
access-control-expose-headers
Content-Length
vpng.jpg
thehackernews.com/images/-05Y4azfOtHY/YTmz5X6CzVI/AAAAAAAADwU/FmcJruB5qJM-D9XZtYFV-FPRYfwHpYpHwCLcBGAsYHQ/w72-h72-p-k-no-nu/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/images/-05Y4azfOtHY/YTmz5X6CzVI/AAAAAAAADwU/FmcJruB5qJM-D9XZtYFV-FPRYfwHpYpHwCLcBGAsYHQ/w72-h72-p-k-no-nu/vpng.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
278e8a13d324d852846e09b1c13e8d601d61851f5c65caaec11b19b990eab45e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/-05Y4azfOtHY/YTmz5X6CzVI/AAAAAAAADwU/FmcJruB5qJM-D9XZtYFV-FPRYfwHpYpHwCLcBGAsYHQ/w72-h72-p-k-no-nu/vpng.jpg
pragma
no-cache
cookie
__qca=P0-646688519-1631337501102; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631337501391]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=b648624f-e21c-4d28-948f-cb99c68cff07
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thehackernews.com
referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38087
cf-polished
origSize=1797, status=webp_bigger
content-disposition
inline;filename="vpng.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1776
x-xss-protection
0
expires
Sat, 11 Sep 2021 18:43:34 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"vf06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeJiQcbAN6p2MVTbM%2B14CttqMV6pM39UFlxRFs7lRaer%2BTXjTujgC81mL%2FcHoN%2ByT5wocuX1aC8VkazEK1Y1QyJjxtu8b08g%2FqK6CJm2SztfQtsKAtjyKN4iPW5c0OH%2BndgU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable
accept-ranges
bytes
cf-ray
68ce6f594fe34137-PRG
access-control-expose-headers
Content-Length
Atlassian-Confluence.jpg
thehackernews.com/images/-K3dizOjpw9k/YTMdtj_gj_I/AAAAAAAADuM/yZKhckretz4v10FCjULiIDJAtOe9n3-CgCLcBGAsYHQ/w72-h72-p-k-no-nu/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/images/-K3dizOjpw9k/YTMdtj_gj_I/AAAAAAAADuM/yZKhckretz4v10FCjULiIDJAtOe9n3-CgCLcBGAsYHQ/w72-h72-p-k-no-nu/Atlassian-Confluence.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0e9a8ccecb80cf52d488a6b59aabe9c8eeb74978a744507c42eb13fa4fc031
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/-K3dizOjpw9k/YTMdtj_gj_I/AAAAAAAADuM/yZKhckretz4v10FCjULiIDJAtOe9n3-CgCLcBGAsYHQ/w72-h72-p-k-no-nu/Atlassian-Confluence.jpg
pragma
no-cache
cookie
__qca=P0-646688519-1631337501102; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631337501391]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=b648624f-e21c-4d28-948f-cb99c68cff07; cto_bidid=6zCzUV82QTd3UDBZVnlJcTUlMkZmVnhzZTY5d3E5RW9FOW9NY2dVNFVqYzRieUxwVm44V1lxMk01T0h1V2JaUVZtOXBSaVBTM29QNGZoaWNDZ3hkQ044d2lpSHZBJTNEJTNE; cto_bundle=T8kKfF9MTjg5dWNrc1lFS2slMkY3aFo2VFNwTjZoVSUyRnJjTlZXbllkT244d3UzOGgwamxLdHg3Z1JQTlVyTU1SVGpqVTdNaHo3S1lkTTJWVTRwT0h4bFAwVFJZWmZkWTdXWEs5UGY4ZlNiRFhkbm5MZlU5Y2plOGdzQ2w3TlZRb3ElMkZLTzdzag
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thehackernews.com
referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24791
cf-polished
origFmt=jpeg, origSize=3049
content-disposition
inline; filename="Atlassian-Confluence.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2566
x-xss-protection
0
expires
Sat, 11 Sep 2021 22:25:10 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"vee4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYm%2Bwg70WsGwztjUdwJjkhyHLK7HjcR7aUMN90OqfSe5kpObH4c0B1mRT27UznPuRfMhfzXn6t9yXD351pn9VB9sfw8zFizjnCzsDa2Ob8TnB31fGlxogTEFMn8FKIhnSazj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=8640000, immutable
accept-ranges
bytes
cf-ray
68ce6f5a28bd4137-PRG
access-control-expose-headers
Content-Length
jenkin.jpg
thehackernews.com/images/-ECBRNAQfxt4/YTc5IJ3yF6I/AAAAAAAADvk/AKO-gQEBwOICCTQJArFbT7OQXrde61d-wCLcBGAsYHQ/w72-h72-p-k-no-nu/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/images/-ECBRNAQfxt4/YTc5IJ3yF6I/AAAAAAAADvk/AKO-gQEBwOICCTQJArFbT7OQXrde61d-wCLcBGAsYHQ/w72-h72-p-k-no-nu/jenkin.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc731bfcf04ea5d554c6c469fabbaf5c8fc449850438bd5f243dbfc2c69b12ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/-ECBRNAQfxt4/YTc5IJ3yF6I/AAAAAAAADvk/AKO-gQEBwOICCTQJArFbT7OQXrde61d-wCLcBGAsYHQ/w72-h72-p-k-no-nu/jenkin.jpg
pragma
no-cache
cookie
__qca=P0-646688519-1631337501102; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631337501391]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=b648624f-e21c-4d28-948f-cb99c68cff07; cto_bidid=6zCzUV82QTd3UDBZVnlJcTUlMkZmVnhzZTY5d3E5RW9FOW9NY2dVNFVqYzRieUxwVm44V1lxMk01T0h1V2JaUVZtOXBSaVBTM29QNGZoaWNDZ3hkQ044d2lpSHZBJTNEJTNE; cto_bundle=T8kKfF9MTjg5dWNrc1lFS2slMkY3aFo2VFNwTjZoVSUyRnJjTlZXbllkT244d3UzOGgwamxLdHg3Z1JQTlVyTU1SVGpqVTdNaHo3S1lkTTJWVTRwT0h4bFAwVFJZWmZkWTdXWEs5UGY4ZlNiRFhkbm5MZlU5Y2plOGdzQ2w3TlZRb3ElMkZLTzdzag
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thehackernews.com
referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
101357
cf-polished
origSize=2975, status=webp_bigger
content-disposition
inline;filename="jenkin.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2961
x-xss-protection
0
expires
Sat, 11 Sep 2021 00:29:49 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"vefa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzLlYaFM8iluOifBjiBnxao7lQPg1xVFti%2FidC5ypkOdPkJC%2ByI3rvn1wOKdqG3mPnr9jqkecKjKjrVT7j%2FqbpJZMeUVdsCN%2FbS14FjVFyamblcviRnMYPl8x6fH6ZELdpNt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable
accept-ranges
bytes
cf-ray
68ce6f5a28bf4137-PRG
access-control-expose-headers
Content-Length
scw-200.jpg
thehackernews.com/images/-7oST5jSg0gg/YTc8X5vpdZI/AAAAAAAA4Xo/TP05JllVGbQjutGIqJA9ZVx49BSEBqL4wCLcBGAsYHQ/s300-e100/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/images/-7oST5jSg0gg/YTc8X5vpdZI/AAAAAAAA4Xo/TP05JllVGbQjutGIqJA9ZVx49BSEBqL4wCLcBGAsYHQ/s300-e100/scw-200.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bbda56c90388fb55aa25c7f6645cd6c3d7e8dd5cab8490605556486b5f0c14
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/-7oST5jSg0gg/YTc8X5vpdZI/AAAAAAAA4Xo/TP05JllVGbQjutGIqJA9ZVx49BSEBqL4wCLcBGAsYHQ/s300-e100/scw-200.jpg
pragma
no-cache
cookie
__qca=P0-646688519-1631337501102; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631337501391]]; _pbjs_userid_consent_data=3524755945110770; _pubcid=b648624f-e21c-4d28-948f-cb99c68cff07; cto_bidid=6zCzUV82QTd3UDBZVnlJcTUlMkZmVnhzZTY5d3E5RW9FOW9NY2dVNFVqYzRieUxwVm44V1lxMk01T0h1V2JaUVZtOXBSaVBTM29QNGZoaWNDZ3hkQ044d2lpSHZBJTNEJTNE; cto_bundle=T8kKfF9MTjg5dWNrc1lFS2slMkY3aFo2VFNwTjZoVSUyRnJjTlZXbllkT244d3UzOGgwamxLdHg3Z1JQTlVyTU1SVGpqVTdNaHo3S1lkTTJWVTRwT0h4bFAwVFJZWmZkWTdXWEs5UGY4ZlNiRFhkbm5MZlU5Y2plOGdzQ2w3TlZRb3ElMkZLTzdzag
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thehackernews.com
referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
326415
cf-polished
origSize=31047, status=webp_bigger
content-disposition
inline;filename="scw-200.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29603
x-xss-protection
0
expires
Thu, 16 Dec 2021 10:23:04 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"ve17b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V4DODDHBeicT2%2FNrStjwboYJnNpgixOZYMt3ZjbAjkH4eI8vYgEQ%2F8sJNS3T9e4cS6daRIM%2Bp02w2MMyycvq3kpC2H2JsnNEMqzMrC8lvxv5kaiPMeT3Xb6Yq%2BIvnXOdEwv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable
accept-ranges
bytes
cf-ray
68ce6f5a28c44137-PRG
access-control-expose-headers
Content-Length
AGSKWxWvB_m8FqYAAFjuOoZCZbYEoadvaTbsGrYMJBi7rb28W5qDgeJQiChkEP5JBPVAYp94Ig21kZjmtfXmBiXVySLcJt_sDCWf_02FMNfCoTyi3rJZQVo_2mxHDHJpAtzFd3gCeUiUBGYEs6FER5hLhj4lNQHZ9OiSXniRimf5P6Ew8q5rEOT84Dc8hmke
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWvB_m8FqYAAFjuOoZCZbYEoadvaTbsGrYMJBi7rb28W5qDgeJQiChkEP5JBPVAYp94Ig21kZjmtfXmBiXVySLcJt_sDCWf_02FMNfCoTyi3rJZQVo_2mxHDHJpAtzFd3gCeUiUBGYEs6FER5hLhj4lNQHZ9OiSXniRimf5P6Ew8q5rEOT84Dc8hmke?dmid=970e7566fd7b1e49
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2SignalJs.de.hUbKalM9mTs.es5.O/d=1/rs=AJlcJMzYP9dj22-r2NXKXr4t1o14-uYV2w/m=iabtcfv2signalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CXe4AbGpFeFbHZqLPGfl7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-CXe4AbGpFeFbHZqLPGfl7Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-CXe4AbGpFeFbHZqLPGfl7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-CXe4AbGpFeFbHZqLPGfl7Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUH50RJ_mYyn-5VydfFXfVdo-bK1CcNfjfqbnEDsWyAc2J0semKO58vDCexfxSNdYxg4z2-MZ4aEHiCwKbKz9166VgdKC8CDApyvbWg8gHuX9bimO9RtTKgIwzYz-AVN9xfei1W2g7Z4hp_925HOHBK5VmZ3aJ-G8WnWlPdvS37v5F2gg-85CKD-c46
fundingchoicesmessages.google.com/f/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUH50RJ_mYyn-5VydfFXfVdo-bK1CcNfjfqbnEDsWyAc2J0semKO58vDCexfxSNdYxg4z2-MZ4aEHiCwKbKz9166VgdKC8CDApyvbWg8gHuX9bimO9RtTKgIwzYz-AVN9xfei1W2g7Z4hp_925HOHBK5VmZ3aJ-G8WnWlPdvS37v5F2gg-85CKD-c46?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMxMzM3NTAxLDg3OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyXSwiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIxLzA5L3NvdmEtbmV3LWFuZHJvaWQtYmFua2luZy10cm9qYW4tZW1lcmdlcy5odG1sIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2SignalJs.de.hUbKalM9mTs.es5.O/d=1/rs=AJlcJMzYP9dj22-r2NXKXr4t1o14-uYV2w/m=iabtcfv2signalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
041343e4e0cea44b99a851d5c94199339e8110ba8074858f8b0b0f6c9e7c86d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aU8ck/YXwDW5ePnASDuLYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-aU8ck/YXwDW5ePnASDuLYQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-aU8ck/YXwDW5ePnASDuLYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-aU8ck/YXwDW5ePnASDuLYQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWUQHFmk3kD8AsnlXGu_ovIuEQW63QjzY1ZbRDLISyy2P_gcdO9lDWzwnjF1loSzXASnD21Wu-Qtqsm4uQdRJA=
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWUQHFmk3kD8AsnlXGu_ovIuEQW63QjzY1ZbRDLISyy2P_gcdO9lDWzwnjF1loSzXASnD21Wu-Qtqsm4uQdRJA=?pvid=417132D4-1018-4977-B05C-6ADE8DBCB639&anonid=4870569B-257E-4A66-AFF4-CFC4306624B7
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.KiQvK_SNewk.es5.O/d=1/rs=AJlcJMwllTyluRqLaHXDUePiis_3uxG8Cw/m=loader_js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BbNIRpzVsjZ49fReCmsoOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-BbNIRpzVsjZ49fReCmsoOA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:22 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-BbNIRpzVsjZ49fReCmsoOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-BbNIRpzVsjZ49fReCmsoOA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
apple-privacy.jpg
thehackernews.com/images/-LwXNpCnk-eM/YTM3CxirQUI/AAAAAAAADuk/vYTjoARAOPgEenfu-Zhoy7J25IuA-iIHgCLcBGAsYHQ/w72-h72-p-k-no-nu/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/images/-LwXNpCnk-eM/YTM3CxirQUI/AAAAAAAADuk/vYTjoARAOPgEenfu-Zhoy7J25IuA-iIHgCLcBGAsYHQ/w72-h72-p-k-no-nu/apple-privacy.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f712971813cc7aa211b229ed8d779906cf944a365640622934b26bf132bcdae3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/-LwXNpCnk-eM/YTM3CxirQUI/AAAAAAAADuk/vYTjoARAOPgEenfu-Zhoy7J25IuA-iIHgCLcBGAsYHQ/w72-h72-p-k-no-nu/apple-privacy.jpg
pragma
no-cache
cookie
__qca=P0-646688519-1631337501102; _pbjs_userid_consent_data=3524755945110770; _pubcid=b648624f-e21c-4d28-948f-cb99c68cff07; cto_bidid=6zCzUV82QTd3UDBZVnlJcTUlMkZmVnhzZTY5d3E5RW9FOW9NY2dVNFVqYzRieUxwVm44V1lxMk01T0h1V2JaUVZtOXBSaVBTM29QNGZoaWNDZ3hkQ044d2lpSHZBJTNEJTNE; cto_bundle=T8kKfF9MTjg5dWNrc1lFS2slMkY3aFo2VFNwTjZoVSUyRnJjTlZXbllkT244d3UzOGgwamxLdHg3Z1JQTlVyTU1SVGpqVTdNaHo3S1lkTTJWVTRwT0h4bFAwVFJZWmZkWTdXWEs5UGY4ZlNiRFhkbm5MZlU5Y2plOGdzQ2w3TlZRb3ElMkZLTzdzag; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631337501391],null]
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thehackernews.com
referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34958
cf-polished
origFmt=jpeg, origSize=1594
content-disposition
inline; filename="apple-privacy.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1426
x-xss-protection
0
expires
Sat, 11 Sep 2021 12:54:10 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"veea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqyXCGBZOqolWRYv7jr9AUbLI1%2FNh%2F%2FKMofe395WIQdI1PfIWUhA22jIMySMaq6gCVH5RO7a6hE4bOPCHWk6fLvPqHR%2BYP6ufSFjoLnTRYHRRZwZvPV8NN%2B5yzMgXdsgIeiC"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=8640000, immutable
accept-ranges
bytes
cf-ray
68ce6f5b096e4137-PRG
access-control-expose-headers
Content-Length
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
307999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27964
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15d95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVFpoZckROtMyGD%2FTvxYhMsN43M4CQA5zWdJ78uZhf0lwxUxbvgIkZWu%2F4I698DD1VXkZMfgzC9HWYrwWsujLKHymQ99rbAV1KjKFkW2ZzRpx4k%2F6yd%2FeElW2%2Fpa%2Bjn4kV4Uz9iU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68ce6f5c4bc94132-PRG
expires
Thu, 01 Sep 2022 05:18:22 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5829
date
Sat, 11 Sep 2021 03:41:13 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 11 Sep 2021 05:41:13 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
584da571f67b1e738befcc9acc3412dcb324f43ac172257ee967b6ba8e11621e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49434
x-xss-protection
0
server
cafe
etag
7772695300083110601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 11 Sep 2021 05:18:22 GMT
banner-1.jpg
thehackernews.com/images/-xEQf4RPeHhs/YS85adrOzEI/AAAAAAAA4XQ/xivqoYJZviMU2h2UHbPvyOHysINfmVabACLcBGAsYHQ/s728-e100/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/images/-xEQf4RPeHhs/YS85adrOzEI/AAAAAAAA4XQ/xivqoYJZviMU2h2UHbPvyOHysINfmVabACLcBGAsYHQ/s728-e100/banner-1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e01ddff81ef43d93f47545eb333edda3130c28ec9b62ed8a71100f1cbfd94887
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/-xEQf4RPeHhs/YS85adrOzEI/AAAAAAAA4XQ/xivqoYJZviMU2h2UHbPvyOHysINfmVabACLcBGAsYHQ/s728-e100/banner-1.jpg
pragma
no-cache
cookie
__qca=P0-646688519-1631337501102; _pbjs_userid_consent_data=3524755945110770; _pubcid=b648624f-e21c-4d28-948f-cb99c68cff07; cto_bidid=6zCzUV82QTd3UDBZVnlJcTUlMkZmVnhzZTY5d3E5RW9FOW9NY2dVNFVqYzRieUxwVm44V1lxMk01T0h1V2JaUVZtOXBSaVBTM29QNGZoaWNDZ3hkQ044d2lpSHZBJTNEJTNE; cto_bundle=T8kKfF9MTjg5dWNrc1lFS2slMkY3aFo2VFNwTjZoVSUyRnJjTlZXbllkT244d3UzOGgwamxLdHg3Z1JQTlVyTU1SVGpqVTdNaHo3S1lkTTJWVTRwT0h4bFAwVFJZWmZkWTdXWEs5UGY4ZlNiRFhkbm5MZlU5Y2plOGdzQ2w3TlZRb3ElMkZLTzdzag; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1631337501391],null]
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thehackernews.com
referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336574
cf-polished
origSize=17378, status=webp_bigger
content-disposition
inline;filename="banner-1.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16186
x-xss-protection
0
expires
Thu, 16 Dec 2021 07:43:46 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"ve176"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Zu2sudnz%2BzCJj0nImDiUlc9Y8WpRanQTle1EdiZg8Cqiu8T7fSOWIBUtwKPXHzq4jGUW0fKK04CGiOJaLIBzajp7%2FWghnAHAlFDO7hkeg6x238CBusQScCw9C9eTHCi1ZDD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable
accept-ranges
bytes
cf-ray
68ce6f5c9ab54137-PRG
access-control-expose-headers
Content-Length
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=164543264&t=pageview&_s=1&dl=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&dp=%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&ul=en-us&de=UTF-8&dt=SOVA%3A%20New%20Android%20Banking%20Trojan%20Emerges%20With%20Growing%20Capabilities&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=752724903&gjid=316482159&cid=2047285284.1631337502&tid=UA-27389293-1&_gid=2084177617.1631337502&_r=1&cd1=2.0&z=1882807486
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
cadedca735c6ec45885014e69884b741d9ef44349cd95c9271ae066216d49f6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95406
x-xss-protection
0
server
cafe
etag
12270461373536854434
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Sep 2021 05:18:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame 2CE4 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 10 Sep 2021 17:14:49 GMT
expires
Fri, 24 Sep 2021 17:14:49 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
43413
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/ 		2 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-27389293-1&cid=2047285284.1631337502&jid=752724903&gjid=316482159&_gid=2084177617.1631337502&_u=YEBAAAAAAAAAAC~&z=1987804304
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gm-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 11 Sep 2021 05:18:22 GMT
content-type
text/plain
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
getban.php
fundingchoicesmessages.google.com/f/AGSKWxXLvyzwT_nEotzgpVvgqHgVXhGXerxkuHaCtaJKoDmUhUYdwZV30DaVswBxMRg2-wXq7gfGMPTKILM8iaNqe8d0cM2g1Bsg6iGUIMz4OhOzOXPUOfWUEvLEsG7ljs01HuvyTLy47suNfy-WN0X_H1O0VJxrB... 		54 B
106 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXLvyzwT_nEotzgpVvgqHgVXhGXerxkuHaCtaJKoDmUhUYdwZV30DaVswBxMRg2-wXq7gfGMPTKILM8iaNqe8d0cM2g1Bsg6iGUIMz4OhOzOXPUOfWUEvLEsG7ljs01HuvyTLy47suNfy-WN0X_H1O0VJxrB2rX7zTIERRIvcO5leEqNdu3KYm-un9DoHapsv9FCoBxoLR_-ArABDsC_ye43I9mhE_CGossrg1U5Dqt6Wo=/__ad_box./abmw.asp/getban.php?/home/sponsor_/omb-ad-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.T3w8R-rkGEM.es5.O/d=1/rs=AJlcJMwgvfsE-Yuxq75oJJj26H2mTq7Pqw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
6342a2d45033654080009616325a9cd821d396224a1a0e68f695ef74def7c5a6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rieEIi9VTEGA1kEPiuBs3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rieEIi9VTEGA1kEPiuBs3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-rieEIi9VTEGA1kEPiuBs3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rieEIi9VTEGA1kEPiuBs3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.T3w8R-rkGEM.es5.O/d=1/rs=AJlcJMwgvfsE-Yuxq75oJJj26H2mTq7Pqw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
4900ee5cb3ab33213a8dabe1e3a21030347a7479d64f260f444db6189bfff61c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 04:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2574
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
server
cafe
etag
1860920033816325134
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 11 Sep 2021 05:35:28 GMT
AGSKWxUbpNgBCz2FywZ74n5uMvH481AY_SXT30ADBCmOKsOIDSuetuim6HMbeH8ym6NsEVWK6NIMDIBL8GYbEhfAkFM-p8RSWdn4CIEWNhK8ngpLR4scKm1g6orjTYUi3_BzhvApTRCoO3LqufVVrh8lWwOWodZT2Um0jSH4HksVcHF31qnCRwFrf4HVTu_n
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbpNgBCz2FywZ74n5uMvH481AY_SXT30ADBCmOKsOIDSuetuim6HMbeH8ym6NsEVWK6NIMDIBL8GYbEhfAkFM-p8RSWdn4CIEWNhK8ngpLR4scKm1g6orjTYUi3_BzhvApTRCoO3LqufVVrh8lWwOWodZT2Um0jSH4HksVcHF31qnCRwFrf4HVTu_n
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.T3w8R-rkGEM.es5.O/d=1/rs=AJlcJMwgvfsE-Yuxq75oJJj26H2mTq7Pqw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WhyplDVEfGcVrB1MFO180w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-WhyplDVEfGcVrB1MFO180w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:22 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-WhyplDVEfGcVrB1MFO180w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-WhyplDVEfGcVrB1MFO180w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUbpNgBCz2FywZ74n5uMvH481AY_SXT30ADBCmOKsOIDSuetuim6HMbeH8ym6NsEVWK6NIMDIBL8GYbEhfAkFM-p8RSWdn4CIEWNhK8ngpLR4scKm1g6orjTYUi3_BzhvApTRCoO3LqufVVrh8lWwOWodZT2Um0jSH4HksVcHF31qnCRwFrf4HVTu_n
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbpNgBCz2FywZ74n5uMvH481AY_SXT30ADBCmOKsOIDSuetuim6HMbeH8ym6NsEVWK6NIMDIBL8GYbEhfAkFM-p8RSWdn4CIEWNhK8ngpLR4scKm1g6orjTYUi3_BzhvApTRCoO3LqufVVrh8lWwOWodZT2Um0jSH4HksVcHF31qnCRwFrf4HVTu_n
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.T3w8R-rkGEM.es5.O/d=1/rs=AJlcJMwgvfsE-Yuxq75oJJj26H2mTq7Pqw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zX2STAuC7Ok9xpK9/wLpSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-zX2STAuC7Ok9xpK9/wLpSg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:22 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-zX2STAuC7Ok9xpK9/wLpSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-zX2STAuC7Ok9xpK9/wLpSg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUbpNgBCz2FywZ74n5uMvH481AY_SXT30ADBCmOKsOIDSuetuim6HMbeH8ym6NsEVWK6NIMDIBL8GYbEhfAkFM-p8RSWdn4CIEWNhK8ngpLR4scKm1g6orjTYUi3_BzhvApTRCoO3LqufVVrh8lWwOWodZT2Um0jSH4HksVcHF31qnCRwFrf4HVTu_n
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbpNgBCz2FywZ74n5uMvH481AY_SXT30ADBCmOKsOIDSuetuim6HMbeH8ym6NsEVWK6NIMDIBL8GYbEhfAkFM-p8RSWdn4CIEWNhK8ngpLR4scKm1g6orjTYUi3_BzhvApTRCoO3LqufVVrh8lWwOWodZT2Um0jSH4HksVcHF31qnCRwFrf4HVTu_n
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.T3w8R-rkGEM.es5.O/d=1/rs=AJlcJMwgvfsE-Yuxq75oJJj26H2mTq7Pqw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YQe/AfHTOvhtsOCzWrskCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-YQe/AfHTOvhtsOCzWrskCQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:22 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-YQe/AfHTOvhtsOCzWrskCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-YQe/AfHTOvhtsOCzWrskCQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXOFmvvR67_V61T6cVsUHOIVAxq1Jz8F5q5_WRXBn-LsCmUqo-aKpe5VXq7_66f4825U1eO7TWalhiE15PeJSQ1OnP54-R3JWQqUpDuLh4SQ9pK6xIKvzyt8mBMyw0rgRSqzTBo8BzlHlm2WA2ADt4aaXuVcKqz4lLNNCjcwe8vXxeeeuPqEeKydoea
fundingchoicesmessages.google.com/f/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXOFmvvR67_V61T6cVsUHOIVAxq1Jz8F5q5_WRXBn-LsCmUqo-aKpe5VXq7_66f4825U1eO7TWalhiE15PeJSQ1OnP54-R3JWQqUpDuLh4SQ9pK6xIKvzyt8mBMyw0rgRSqzTBo8BzlHlm2WA2ADt4aaXuVcKqz4lLNNCjcwe8vXxeeeuPqEeKydoea?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMxMzM3NTAyLDg4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsOSw2XSxudWxsLDJdLCJodHRwczovL3RoZWhhY2tlcm5ld3MuY29tLzIwMjEvMDkvc292YS1uZXctYW5kcm9pZC1iYW5raW5nLXRyb2phbi1lbWVyZ2VzLmh0bWwiXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.T3w8R-rkGEM.es5.O/d=1/rs=AJlcJMwgvfsE-Yuxq75oJJj26H2mTq7Pqw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
59d211ab73efa9773b434e6fef87e6a3a3868fcedcfc98cb5d464672448449e5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CGmj1YOxe8B0Aj04J3Hp0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-CGmj1YOxe8B0Aj04J3Hp0g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-CGmj1YOxe8B0Aj04J3Hp0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-CGmj1YOxe8B0Aj04J3Hp0g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUbpNgBCz2FywZ74n5uMvH481AY_SXT30ADBCmOKsOIDSuetuim6HMbeH8ym6NsEVWK6NIMDIBL8GYbEhfAkFM-p8RSWdn4CIEWNhK8ngpLR4scKm1g6orjTYUi3_BzhvApTRCoO3LqufVVrh8lWwOWodZT2Um0jSH4HksVcHF31qnCRwFrf4HVTu_n
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbpNgBCz2FywZ74n5uMvH481AY_SXT30ADBCmOKsOIDSuetuim6HMbeH8ym6NsEVWK6NIMDIBL8GYbEhfAkFM-p8RSWdn4CIEWNhK8ngpLR4scKm1g6orjTYUi3_BzhvApTRCoO3LqufVVrh8lWwOWodZT2Um0jSH4HksVcHF31qnCRwFrf4HVTu_n
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.T3w8R-rkGEM.es5.O/d=1/rs=AJlcJMwgvfsE-Yuxq75oJJj26H2mTq7Pqw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nMy/4lq4WItmPMEDwKSjKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-nMy/4lq4WItmPMEDwKSjKw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-nMy/4lq4WItmPMEDwKSjKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-nMy/4lq4WItmPMEDwKSjKw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
bsevent.gif
tps20515.doubleverify.com/ 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20515.doubleverify.com/bsevent.gif?impid=8f5d3409120a4c3f8b5e7a1d36e2c91e&pltfrm=Linux%20x86_64&cbust=1631337502913713
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 11 Sep 2021 05:18:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
9/10/2021 5:18:22 AM
cookie.js
partner.googleadservices.com/gampad/ 		207 B
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=thehackernews.com&callback=_gfp_s_&client=ca-pub-7983783048239650
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
01297949739ee1e73279eec02f51780e625a13003ebc6497fa92dd6a55a1716d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thehackernews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 05:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9FD3 		66 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
786a5ad6793ee0d1c3510eb1bd3a334233dcbaa9c1ecd68649506e03ead622fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 11 Sep 2021 05:18:23 GMT
server
cafe
content-length
25138
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 11-Sep-2021 05:33:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 05:18:23 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
b9ee9bc28a8d598e0f75cdd1317defabe37dff3657a772bff532096451e8922a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 05:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8633
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273431406706"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
expires
Sat, 11 Sep 2021 05:18:23 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BC91 		136 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1631310884&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502579&bpp=1&bdt=2281&idt=410&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=4107475632101&frm=20&pv=1&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=416
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
75996eeeb9e9c158c31fba9c956b289f0c42221adcbde274821a52c891680a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1631310884&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502579&bpp=1&bdt=2281&idt=410&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=4107475632101&frm=20&pv=1&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=416
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 11 Sep 2021 05:18:23 GMT
server
cafe
content-length
32050
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 11-Sep-2021 05:33:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 05:18:23 GMT
cache-control
private
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-27389293-1&cid=2047285284.1631337502&jid=752724903&_u=YEBAAAAAAAAAAC~&z=1233618266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUbqHg4kuoX-25e3jVPu7J5JrM7-0la8Wn2h-097JKmSXmAKYzlcRd0B5_6_4ubGFwUbt27aetbgMUmXusgafa2mTRO-zbxA9aZOe6xUOIcyxAQc_v5tHsg7JyB9M3PNzHFYFIhC4-S5p0PcLQ2Me73ChX2q0qbxhFBGgD3_z4llVhVUO5rtfPGqQHr
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbqHg4kuoX-25e3jVPu7J5JrM7-0la8Wn2h-097JKmSXmAKYzlcRd0B5_6_4ubGFwUbt27aetbgMUmXusgafa2mTRO-zbxA9aZOe6xUOIcyxAQc_v5tHsg7JyB9M3PNzHFYFIhC4-S5p0PcLQ2Me73ChX2q0qbxhFBGgD3_z4llVhVUO5rtfPGqQHr
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.-iaodh3Ygno.es5.O/d=1/rs=AJlcJMwcY7eJYgPgWbOO5jQJf_0Q24Jbfw/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9gBKD+FvLniu5UsYpE8lAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9gBKD+FvLniu5UsYpE8lAQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-9gBKD+FvLniu5UsYpE8lAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9gBKD+FvLniu5UsYpE8lAQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUbqHg4kuoX-25e3jVPu7J5JrM7-0la8Wn2h-097JKmSXmAKYzlcRd0B5_6_4ubGFwUbt27aetbgMUmXusgafa2mTRO-zbxA9aZOe6xUOIcyxAQc_v5tHsg7JyB9M3PNzHFYFIhC4-S5p0PcLQ2Me73ChX2q0qbxhFBGgD3_z4llVhVUO5rtfPGqQHr
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbqHg4kuoX-25e3jVPu7J5JrM7-0la8Wn2h-097JKmSXmAKYzlcRd0B5_6_4ubGFwUbt27aetbgMUmXusgafa2mTRO-zbxA9aZOe6xUOIcyxAQc_v5tHsg7JyB9M3PNzHFYFIhC4-S5p0PcLQ2Me73ChX2q0qbxhFBGgD3_z4llVhVUO5rtfPGqQHr
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.-iaodh3Ygno.es5.O/d=1/rs=AJlcJMwcY7eJYgPgWbOO5jQJf_0Q24Jbfw/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/J9PWUIuO95QZ7kqJq8pxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/J9PWUIuO95QZ7kqJq8pxQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-/J9PWUIuO95QZ7kqJq8pxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/J9PWUIuO95QZ7kqJq8pxQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUbqHg4kuoX-25e3jVPu7J5JrM7-0la8Wn2h-097JKmSXmAKYzlcRd0B5_6_4ubGFwUbt27aetbgMUmXusgafa2mTRO-zbxA9aZOe6xUOIcyxAQc_v5tHsg7JyB9M3PNzHFYFIhC4-S5p0PcLQ2Me73ChX2q0qbxhFBGgD3_z4llVhVUO5rtfPGqQHr
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbqHg4kuoX-25e3jVPu7J5JrM7-0la8Wn2h-097JKmSXmAKYzlcRd0B5_6_4ubGFwUbt27aetbgMUmXusgafa2mTRO-zbxA9aZOe6xUOIcyxAQc_v5tHsg7JyB9M3PNzHFYFIhC4-S5p0PcLQ2Me73ChX2q0qbxhFBGgD3_z4llVhVUO5rtfPGqQHr
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.-iaodh3Ygno.es5.O/d=1/rs=AJlcJMwcY7eJYgPgWbOO5jQJf_0Q24Jbfw/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lM6a1p/MFQvdCH4WAFJI/A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-lM6a1p/MFQvdCH4WAFJI/A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-lM6a1p/MFQvdCH4WAFJI/A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-lM6a1p/MFQvdCH4WAFJI/A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&pid=khcdXAxUJYRpa&cb=1&ws=1600x1200&v=7.69.00&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22730x290%22%2C%22728x280%22%2C%22728x250%22%2C%22728x90%22%2C%22690x90%22%2C%22690x250%22%2C%22690x280%22%2C%22675x90%22%2C%22675x280%22%2C%22675x250%22%2C%22670x90%22%2C%22670x280%22%2C%22670x250%22%2C%22650x90%22%2C%22650x280%22%2C%22650x250%22%2C%22650x150%22%2C%22630x90%22%2C%22630x280%22%2C%22630x250%22%2C%22602x100%22%2C%22600x90%22%2C%22600x280%22%2C%22600x250%22%2C%22580x90%22%2C%22570x90%22%2C%22550x150%22%2C%22468x60%22%2C%22336x280%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055424785%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22730x290%22%2C%22728x280%22%2C%22728x250%22%2C%22728x90%22%2C%22690x90%22%2C%22690x250%22%2C%22690x280%22%2C%22675x90%22%2C%22675x280%22%2C%22675x250%22%2C%22670x90%22%2C%22670x280%22%2C%22670x250%22%2C%22650x90%22%2C%22650x280%22%2C%22650x250%22%2C%22650x150%22%2C%22630x90%22%2C%22630x280%22%2C%22630x250%22%2C%22602x100%22%2C%22600x90%22%2C%22600x280%22%2C%22600x250%22%2C%22580x90%22%2C%22570x90%22%2C%22550x150%22%2C%22468x60%22%2C%22336x280%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055889203%22%7D%5D&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.85.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-85-10.muc50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
via
1.1 37e2872b8b14122ba8fe3a34c3bb506b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thehackernews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
TZNnAFCM54mva5YTsuBFS_f_2CQ5Srdp8BJGRLhMtD585gdRrIJCHQ==
adreq
ads.servenobid.com/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3645
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-113-164.compute-1.amazonaws.com
Software
/
Resource Hash
15a0031aa24f2800b7e20473d3693e34f1eb22a88f6875e7efab4df1ae4aaf1f

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://thehackernews.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
dmx.districtm.io/b/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://thehackernews.com
access-control-allow-credentials
true
cf-ray
68ce6f62db07411a-PRG
access-control-allow-headers
Content-Type, Origin
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://thehackernews.com
access-control-allow-credentials
true
cf-ray
68ce6f62db08411a-PRG
access-control-allow-headers
Content-Type, Origin
prebid
ib.adnxs.com/ut/v3/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f88c1e6840897c00f95c76e9d31f19061b76f1c441808874a309d4b39bcb5ed7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 11 Sep 2021 05:18:23 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.198; 216.131.114.198; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
77953163-8dac-431b-92a9-ef42da277e3c
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpushup-d.openx.net/w/1.0/ 		172 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a230cda8-2ef2-4d6b-8313-a1e339dae65b%2C847a1a59-8a3e-4edd-8078-a0b9b6a60c1c&nocache=1631337503169&gdpr=0&pubcid=b648624f-e21c-4d28-948f-cb99c68cff07&quantcastid=P0-646688519-1631337501102&schain=1.0%2C1!adpushup.com%2Caeb138a66c47c1d438a8907993e81712%2C1%2C%2C%2C&aus=730x290%2C728x280%2C728x250%2C728x90%2C690x90%2C690x250%2C690x280%2C675x90%2C675x280%2C675x250%2C670x90%2C670x280%2C670x250%2C650x90%2C650x280%2C650x250%2C650x150%2C630x90%2C630x280%2C630x250%2C602x100%2C600x90%2C600x280%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C336x280%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C730x290%2C728x280%2C728x250%2C728x90%2C690x90%2C690x250%2C690x280%2C675x90%2C675x280%2C675x250%2C670x90%2C670x280%2C670x250%2C650x90%2C650x280%2C650x250%2C650x150%2C630x90%2C630x280%2C630x250%2C602x100%2C600x90%2C600x280%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C336x280%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200&divids=ADP_37020_responsivexresponsive_00000001-76001b10-d2b4-42f6-aba3-93f9ffa74f50%2CADP_37020_responsivexresponsive_00000001-d60bf4f0-5895-4d44-a646-830003683186&aucs=%2C&auid=541218336%2C541218336
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.215.0 /
Resource Hash
b02909d8ae8ba1131219a8178239d69815f55f9224211ea60b4cb8dc5f7f2714

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:23 GMT
content-encoding
gzip
server
OXGW/16.215.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://thehackernews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
b8f3b6afbeefabbe7324616ab00072eddf278c5c46680235d1450f0868fdd5a3

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 11 Sep 2021 05:18:23 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thehackernews.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
cdb
bidder.criteo.com/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=83504037293
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehackernews.com
date
Sat, 11 Sep 2021 05:18:22 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.147.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-147-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
45f0018fe6f846bc5cbc2d74ceebc5579ad93532f60a8572b652851948fedb85

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:23 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.147.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-147-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7130671d3dc5e4a2f78ec6a0ed79841ba77e995f52ae073cbe7368b5b14dc387

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:23 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		350 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=332834&zone_id=1745264&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C16%2C19%2C43%2C44%2C117&gdpr=0&rp_schain=1.0,1!adpushup.com,aeb138a66c47c1d438a8907993e81712,1,,,&eid_pubcid.org=b648624f-e21c-4d28-948f-cb99c68cff07%5E1&eid_quantcast.com=P0-646688519-1631337501102%5E1&rf=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&tk_flint=pbjs_lite_v4.43.0&x_source.tid=7d064538-4f57-466e-b1f9-da33a973066a%3B9a674991-8960-4f9a-bfff-34b3011ec46d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.7889146541659122
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d3c362ebb327634ef54c1a337b0d58dd0266d894937d55956f44b4bfb9943fcc

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 11 Sep 2021 05:18:23 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
350
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
i.connectad.io/api/ 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.54.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
68ce6f630ec0f9e6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehackernews.com
date
Sat, 11 Sep 2021 05:18:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sat, 11 Sep 2021 05:18:22 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://thehackernews.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sat, 11 Sep 2021 05:18:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8159 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sat, 11 Sep 2021 01:50:21 GMT
expires
Sun, 11 Sep 2022 01:50:21 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
12482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 116F 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f4.1e100.net
Software
GSE /
Resource Hash
db3dd2c12b9b59fef4c130e93c8da20487f8b0edf4e4e833ae9706c018c0d7e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-twCPXmPDf9auJWKFO9yOrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 11 Sep 2021 05:18:23 GMT
date
Sat, 11 Sep 2021 05:18:23 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-twCPXmPDf9auJWKFO9yOrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
12783169081388553632
tpc.googlesyndication.com/simgad/ Frame 9FD3 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12783169081388553632?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmmbIx90526wDjGzuFEX3Z33n4u7g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
sffe /
Resource Hash
4d56dff529456e37f9376ce3d34892ba6c1afb742c3a83edde34fd67cf35905a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 04:30:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 17:00:18 GMT
server
sffe
age
175691
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46714
x-xss-protection
0
expires
Fri, 09 Sep 2022 04:30:12 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210907/r20110914/ Frame 9FD3 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210907/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
301
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 05:13:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210907/r20110914/client/ Frame 9FD3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210907/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 22:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23860
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Sep 2021 22:40:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9FD3 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Sat, 11 Sep 2021 05:18:23 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210907/r20110914/client/ Frame 9FD3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210907/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 03:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 03:24:50 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210907/r20110914/client/ Frame 9FD3 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210907/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
cafe /
Resource Hash
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 13:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55275
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10845
x-xss-protection
0
server
cafe
etag
14737611871312058204
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Sep 2021 13:57:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9FD3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5A94Hzw8YbKlA4LzogbQm6qoCYWWrvBjhK3s5rUNipW-3tIkEAEg5_vlG2DJBqABtIeRqgLIAQKoAwHIA8kEqgT0AU_QfYpzaEeGVrNLe3V8hN5MkTeasUne0-Wqig6zC4d2Yguy3gN52TRlKIVMvNC0fO73Jc5oxTupMs1-gNqadgY3y4YHWBiojIBdG00cjtrF25cUDVqrEI5fEdtvCvgK259pO5pSqypHD1KCRzWKXChxXIoUAolzFjH8FQIRsog7tZFZjgYnt4ked8V4-mYgA3m1E88Dc5DXYLaz2K5l7eJa29OH8Z82LQtYxggeiu_GwBaIbLFF69d-MmilTB6-vmnCV4oggTRYHlommvvZmnCmCA_mE44MEbTRL0nul1nimp29n6kCnA7Y8SZ2YeavM9_xKkjABICZm8vFA5IFBAgEGAGSBQQIBRgEoAYCgAe0-O7VAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwQQzaQ20ggHCIBhEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03OTgzNzgzMDQ4MjM5NjUwGAA&sigh=91hdde2JbPo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 11 Sep 2021 05:18:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 11 Sep 2021 05:18:23 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
bb668f5b914a3a51619e1d07d4ed7b0562992306736c78834478292740ddbd68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53094
x-xss-protection
0
server
cafe
etag
3023641859606465074
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Sep 2021 05:18:23 GMT
63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
pagead2.googlesyndication.com/bg/ Frame 8159 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
sffe /
Resource Hash
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 01:56:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
184925
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13458
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Sep 2022 01:56:18 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame BE79 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 11 Sep 2021 05:06:11 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9FD3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c68e658ce97b0eaa5517f657418493d63effe82e0544f57cc44e4c69c1e46244

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=thehackernews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 05:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thehackernews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 05:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		115 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=603390638843779&correlator=400703893787162&output=ldjh&impl=fifs&eid=31062366%2C44749369%2C31062297%2C31062311&vrg=2021090701&ptt=17&gdpr=0&sc=1&sfv=1-0-38&ecs=20210911&iu_parts=103512698%3A22548988896%2C22055424785%2C22055889203&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C730x290%7C728x280%7C728x250%7C728x90%7C690x90%7C690x250%7C690x280%7C675x90%7C675x280%7C675x250%7C670x90%7C670x280%7C670x250%7C650x90%7C650x280%7C650x250%7C650x150%7C630x90%7C630x280%7C630x250%7C602x100%7C600x90%7C600x280%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C336x280%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C730x290%7C728x280%7C728x250%7C728x90%7C690x90%7C690x250%7C690x280%7C675x90%7C675x280%7C675x250%7C670x90%7C670x280%7C670x250%7C650x90%7C650x280%7C650x250%7C650x150%7C630x90%7C630x280%7C630x250%7C602x100%7C600x90%7C600x280%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C336x280%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height%2Cheight&prev_scp=amznbid%3D2%26amznp%3D2%26adpushup_ran%3D1%26hb_ap_siteid%3D37020%26hb_ap_ran%3D1%26fluid%3D1%26refreshcount%3D0%26refreshrate%3D30%7Camznbid%3D2%26amznp%3D2%26adpushup_ran%3D1%26hb_ap_siteid%3D37020%26hb_ap_ran%3D1%26fluid%3D1%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D118e21aeffc5335d%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx&cookie=ID%3D4d29286e6c64f61d-225ad36302bb0092%3AT%3D1631337503%3ART%3D1631337503%3AS%3DALNI_MY_x0qN1I1WSRQM8MlYMs_z1_AvLA&bc=31&abxe=1&lmt=1631310884&dt=1631337503912&dlt=1631337500298&idt=1607&frm=20&biw=1600&bih=1200&oid=3&adxs=269%2C269&adys=1158%2C2094&adks=650316915%2C1552038371&ucis=1%7C2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x0%7C730x0&msz=730x0%7C730x0&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=false&fws=0%2C0&ohw=0%2C0&btvi=0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
0f6a9f4d1bf07f80fcb0d73f7d80cd91b1f604533110ea4a4ae0547590562775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19367
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thehackernews.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f05cb00bbbfe215e93b921c479332c98.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 746D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f05cb00bbbfe215e93b921c479332c98.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f05cb00bbbfe215e93b921c479332c98.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 11 Sep 2021 05:18:24 GMT
expires
Sun, 11 Sep 2022 05:18:24 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/ Frame 8EA2 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thehackernews.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlIdbpWr7vpxXtlIJReRC6CgWlp07Xmm0DrjY5m3DZleM5dFJzwSfzvPnqt3ys
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 10 Sep 2021 16:50:52 GMT
expires
Fri, 24 Sep 2021 16:50:52 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
44851
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 116F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=603390638843779&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame BE79
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlIdbpWr7vpxXtlIJReRC6CgWlp07Xmm0DrjY5m3DZleM5dFJzwSfzvPnqt3ys
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 05:18:24 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 11-Sep-2021 06:18:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 05:18:24 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 05:18:24 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
pagead2.googlesyndication.com/bg/ Frame 95AD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=2569898456&adf=3546401298&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1631310884&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2021%2F09%2Fsova-new-android-banking-trojan-emerges.html&flash=0&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631337502568&bpp=3&bdt=2270&idt=399&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4107475632101&frm=20&pv=2&ga_vid=2047285284.1631337502&ga_sid=1631337503&ga_hid=164543264&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1031&ady=701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44749369%2C31062297%2C31062311&oid=3&pvsid=603390638843779&pem=370&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=khKurI6XFA&p=https%3A//thehackernews.com&dtd=412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
sffe /
Resource Hash
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 01:56:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
184926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13458
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Sep 2022 01:56:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=603390638843779&bg=!CQqlCk7NAAYT0U73E9E7ACkAdvg8Wqm_yCcVM5RtOehInQBpPgmR5fWIyFNAB89c1OIgHtqK_ZDuBwIAAACyUgAAAAxoAQcKAKh6YCGNJeQ-Jxxgb3y-62zn4vjz78i-GVSpZWo_d708syA_7vQy9yAXWvy-PCfpG-xgXqZgcgcHU_eCCeEeRDQ2jc_8BfAnU2hhjjqQwj02vklUVfpwjMv8YvY1ECgMOJ6-MCh5tk1lCnGc1sDnjd-VtjmghPBzL7KEvegNK5U9N-sY6l4lrXKHTBndwbOX_aDDXV8ORu9PU05gG-MS2IIZ7LG13gT2OamZAoKoWFpca8XWUjTZKCvpICNrsPC2Zn43yr3TwqiQiwvFGYqi9w_oujCL2yzzOzsbYMA8qMctMn_daLhO0kJOqMXYidi0-1B5SBUkUNmLl-aR4uSDL2ZYaqM3fFlcCBsFlLiT0GizT6l-VWrPkr9e_ZzmsmTyUgsBqRIodPFaf6clQokoePnMW6L_g1CaIlyYuYxzrWvgg2ha77knvHjmyPr2kX7rRc3IWY218Kq6yGH7XGtPvLI5-FgLbaqEfWMGI0IwKjBy6rBpLom63J61MgNveMDrDCt2dEmIzVQ6IzUi5XB35wAoVJV3y1H9kcHZzEa-CexLBejjr_SvTYmZgdlUlbU1Q-KEYofIyxc_37CAy4zCljGioFgsDK5jeJdoLZcVVEcL2qWdkTi_g9xpFc4Is4eq_v3YND06Tfwp-8BfQuXLEJvM48tpq69nf9RsasfUstaTfsDy0gPv1q7pvPI7rWT596trhF93n-w-cgeyYoKYV8D5dul7KvNsIrXr5MFu074aV7O13D5zLjZolGvoJtBtGG-vuYloeAPl6Xei8efOgdXq7a1uBuYa-Hjm3u6Opsn_ARu-ZVmAwF1fuSflaFaHpG4QxKgI5Xy3pZtQBGs3SUHjUmzDCvLPieFn7f6k-VN8GwjYDgYG9i6xuc1Jpv9yQc4-xeJZaIvkhIHo5C6WsSoJEyIiuKkIb7B8Ty9FHEbY3B1bOf7P9-2P5zwm8w9SAa-N24Xsr6Bhojjak9hcBDXVt5Bm8rmdrMBf6MncPNCS3m3M24T1e5fFJGQaUnWj1FAmCdXr9_recl256Xrh9Du3D7wr8wbqaAU7ytOM65FIig3h9H4rKWJdd1813QQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 8EA2 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f10.1e100.net
Software
ESF /
Resource Hash
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Sep 2021 03:44:02 GMT
server
ESF
date
Sat, 11 Sep 2021 05:18:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Sep 2021 05:18:24 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8EA2 		205 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 07:47:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
595864
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
expires
Sun, 04 Sep 2022 07:47:20 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8EA2 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 14:49:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
484118
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
expires
Mon, 05 Sep 2022 14:49:46 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210907/r20110914/elements/html/ Frame 8EA2 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210907/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
cafe /
Resource Hash
4a813e1cf51a9ae7ee86be634312b025bc9f6b1a825308c717dcc9b43c0ce25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 18:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39499
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7693
x-xss-protection
0
server
cafe
etag
15492606927302909567
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Sep 2021 18:20:05 GMT
css
fonts.googleapis.com/ Frame 6479 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Sep 2021 03:29:49 GMT
server
ESF
date
Sat, 11 Sep 2021 05:18:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Sep 2021 05:18:24 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210907/r20110914/client/ Frame 6479 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210907/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 02:34:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 02:34:40 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210907/r20110914/ Frame 6479 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210907/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 05:13:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210907/r20110914/client/ Frame 6479 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210907/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 22:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23861
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Sep 2021 22:40:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6479 		0
0
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210907/r20110914/client/ Frame 6479 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210907/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 03:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 03:24:50 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame 6479 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 01:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 20:25:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 10 Dec 2021 01:49:34 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EA83 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlIdbpWr7vpxXtlIJReRC6CgWlp07Xmm0DrjY5m3DZleM5dFJzwSfzvPnqt3ys; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 11 Sep 2021 05:06:11 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
733
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publishertag.prebid.js
static.criteo.net/js/ld/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:24 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 15:58:00 GMT
server
nginx
etag
W/"61154508-14e39"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Sep 2021 05:18:24 GMT
ui
www.google.com/pagead/drt/ Frame EA83 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9FD3 		0
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012108302037000/ 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108302037000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f1.1e100.net
Software
sffe /
Resource Hash
17a98c3a25d9fd399347ac5d2a961ef3d614fb16ee9ea5b8eb1b3e0c71020839
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
12592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55349
x-xss-protection
0
server
sffe
date
Sat, 11 Sep 2021 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0eac791049ec30cd"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 01:48:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012108302037000/v0/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108302037000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f1.1e100.net
Software
sffe /
Resource Hash
406a56550c0b340121333c0eadf8f659cf194b2a39c656104e4de08915f4841e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
12592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4999
x-xss-protection
0
server
sffe
date
Sat, 11 Sep 2021 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e8df1836486da3b4"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 01:48:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012108302037000/v0/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108302037000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f1.1e100.net
Software
sffe /
Resource Hash
7805b83ba0d102b16fc4aee78be0a14a5214523f324fe5a8fdc8f8e264360d40
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
12592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28502
x-xss-protection
0
server
sffe
date
Sat, 11 Sep 2021 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"76def82bacc9cde5"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 01:48:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012108302037000/v0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108302037000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f1.1e100.net
Software
sffe /
Resource Hash
cd277b479bb821c52d95118a17fb1529671d81106fc011675c4912491f06f147
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
12592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1636
x-xss-protection
0
server
sffe
date
Sat, 11 Sep 2021 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c23f720ccc1ab13e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 01:48:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012108302037000/v0/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108302037000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f1.1e100.net
Software
sffe /
Resource Hash
97d66c75b11c855491b00fc9433a6bdf0d6b59dda36321842b1530c19154e9bd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
12592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12821
x-xss-protection
0
server
sffe
date
Sat, 11 Sep 2021 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3720e45e7e363a69"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 01:48:32 GMT
css
fonts.googleapis.com/ 		4 KB
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f10.1e100.net
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Sep 2021 03:49:06 GMT
server
ESF
date
Sat, 11 Sep 2021 05:18:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Sep 2021 05:18:24 GMT
css
fonts.googleapis.com/ 		4 KB
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f10.1e100.net
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Sep 2021 03:45:34 GMT
server
ESF
date
Sat, 11 Sep 2021 05:18:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Sep 2021 05:18:24 GMT
13386431297853401378
s0.2mdn.net/simgad/ 		1005 KB
1006 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13386431297853401378
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f6.1e100.net
Software
sffe /
Resource Hash
36e86a1e7c8e848dc785509efbea70ff403c6576b0a9fcb00a3c049eca01b360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 03:21:39 GMT
x-content-type-options
nosniff
age
439005
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1029198
x-xss-protection
0
last-modified
Mon, 16 Nov 2020 08:11:34 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 03:21:39 GMT
14439302791063154816
s0.2mdn.net/simgad/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14439302791063154816
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f6.1e100.net
Software
sffe /
Resource Hash
f21d843e28fda5fd9d8768f419bb4595168b054df839606e7cf203ad781a510b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 23:06:10 GMT
x-content-type-options
nosniff
age
540734
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3152
x-xss-protection
0
last-modified
Mon, 16 Nov 2020 08:11:32 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Sep 2022 23:06:10 GMT
ad
googleads.g.doubleclick.net/dbm/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APck-Gv-liPJmdrLwIZbTN2un8AfXH7eh3WRwj4ZWcrTSavYTLCHGw4YbjcCv-GrwA3Iw82k1Phuo4WyPXnW95g4zl-LoO3L5XCnNFu2WBvwkpkmQSDwRiqs7AHi-b2VFdDbDyLcOYw1vQZPU3c5QBsTERuw&dbm_d=AKAmf-AA7Fc3B5U9xGP3t4DFPg6QWShJcOFL4-HpaN6pYzh8j5dn3JkheEvC6wtbwOOW9DqMCI8KRl-B7t_DHq5xSC4XoR35zKF5rKm3EcEPE7XiAcfwxv5H11J3IGYlw34w5uU092PMSG-pMIlnPRxxq0VQ6jkyhr31MzLeJ4jSjbNMNr8ZJgTdxKAE8dFLcT4USTULpHvGUzKryV-Q1zrSLwFsnQiyTDDFdDH4En_jDjEgKqLHMRthUBexOvXcJQJjWzhPCMEtIRievLt8gEVOzla1B6MyLh-ZtDeLQy_UOET0J5dIfuzXgqvxlgoToF_ufw_DU1QGw-CM8evBVKaZS3o0jSQ1AWy3TaAESYhcEFj-iRE9LQAK7fB47qx89laNoNGXoC-qiwTJNt7tRm8sO76OiEgHMAOB8ivDOuqCxHUOz8-olULgciLhWw_d7ebL22lsxbSNkkMXdB81fmbmy-jIuxrx60NyckcjR1-dxRi3FHXUcQw0amPUxYu-Z_iysX23-PV7FDK8JaEhkXbYeDFS3_-9ZiV1j2hiUhnNIbkj6bznDNPgisNzHc-gOtL8mkGK7EhAyp9otGlWZ9fphJctJJHZW-Dhl155N33ih-BJ8vyMfnzSKUyWzRdDugQuKTXdkK1E4ap1neDJDYB2B3dl1tGub_ZNUfhhDL6kwCFyJHcfPWJYNsZ-njSpZPCMsKQumCrcMwjD7lSqMpkOCFnxPtUSv0A2vP0wFwkMoc_XBQYEa3N5P7oGSKptHGkJwEB9fMoHIjx9I2-EN7nzDi5NfSTv7u8P1Ke4H1RItqPouQoPeNTTXBxvYS30QCB-HG-4OhkbdymBPlH9ulSTOedulhdJOX3f66NSyr4sie885kD81dzuzKfJmZJBDPJ38v66mwIOuJ-reSeJOY33GVWZYRrwFpQCdclFOEaoEiHwIQhLH5_tnApLYbwWnKfU9vjuzM8ZsTEFbDZCxObyyxxxqhB2gahiFVktvGOiwgiB7W0ZMFI_-7JcJ9N48bQODuGDoMUdSHbNdyqWW3-G5LlXppGK2BTtTHLZ7qZONK3hpdbPLqykKDdcm0PHDPn-RhinXJThvIS8ZexjNK9zJXmCsJlFcVFNDhGywszhN5VOINI8iByMsRUEiMvttmsuR_XKKZfCA3CTYG2y4DXK4J4spLJGumcuw3xZe-svCSX-zTziadtJjiRDdEzv2GJHpROiXwjad0oqdXDitGjhese0_HAzxTZ-10_eP_xdaKvIlQH2-5rw2ArkGsir5PMFM0U-zzLuJnfCaOM95v76hSlQDRYQ4s9CxYoqBlxNGXrlUJtQju0Lz7-zagfk0Y4XlshJpj4sJXnpibNkjgulE_gJZb_a79x1G58TfK8eFrbnIqyhkEKzMbZdQDFf-bnSsPAK9IC2bvN72Po1qNGFBRX3v5DvFXFWvKP4eB2axV6VGzSBRkF7l54M1acHCgj1dtH7AwqrvEbdFwQyYw0SeFRXchvQ572zjXcgt0JEB7HLyvFOvXOUDn85X_25MkWgaml-3dQrpG16q4wrFU3LT8qjgJTZ0FaFZQUEupmWY0tnit_cFOXY9-XbVLX6PaK1FMoU-pSTIGhLhIQB7Un2IOBwaGbTPwEQ6Ksp2FYgAf1IVEfmZPqJuy1_7dUJl5Ve2EgEpq1ooSTsZSTrzElH-zm5TtXI4VkTTzSiTfkcSrmhmM1cFnrJUFCPU3GOsgZUphYd9sEwucj2sh53hsHGDybo2jAEqxCmdz2LBWXK5ioMHAvFp2Le_UWDWK2sa1f00u3kEsC643xwoY0lo_HwJ1GgZcSeBmz9240AqDkd0OJsNpN4NFsOfk2SJtS4OBLnz1SMbh9sXCmHBNv6x3ul8Up-ZaNwvthwfXbqmOyPybJjbBnZBHuXYK_LzxTZf_dvRm3yEDoN_sExjz73Gxq9lzBzEkDpGELEGhP3fo2TNkYwlBcxfhqffLcdqaEAtN1FRXjhnpJcuXhUkMjrB3A-mD6aNKm0EbjkELkNyrUv9J874xAoCyTpBdASYv6iKhAgKbr4nT-VT-vAFtpZFBZULgg5Iesjd7txsavMywwUWkxpIzaFLCWOisYVHN9F3Tcmzaz1PtTiJJ9ZOiB6Tp4RZ3RuaWvaQuzeDz_W-LugDi0dNgOdFtjJJq8yCx1RDBCftBdSJs2cQ6ufIWDmO4eQwAUhoasutRoEr2nueX8Nbw457tUzp1sDaF0bhk1tndajC9mvz6UpX0kaPSMEaLsOBmITS6QGP1u5ECx0kEG6Ea_L8ye596uD7wdB9R7poHCQrx02v2Onu3xWEweZzLNm5AQGH06NAjHUWBo3oWTSqQp61U2arLderM8fdcIZMWiA34K3aminzO2hZM3FTwU2ilwfvZfYr5Jed5ho3HKsoBwsZAbKqviZVMKhUjOgfg7j9wJfZjvxyIrja30kfEXgM25JEFzEE0bBLx4ElMF6w6p6hv2P1sYnmwoIXiRZ3uQIJaN17knTd0IdhsGrPFCM7puRHCt9aXTNEgEkoh5bchdrdV5PHkKby5mbp3hoTgHZgIvNq4Rh4yAgfMOT3PJafBGWp6N5pc1wbHz9Qz4AdbL5yTkmL_fubmRKi23-XEiEFfMLuKZtMuSOlupunur3IZGXd6a4E_u7tEIawk2YYPn0JbZn028MlvPoy4isXJCGI-eDf6NktTnULfnw3atRz8cWHaLmt4GyKHXy8r2kvDHEtjvxDyEhwFMeBkeDtGrFXCz3aGoFyu0YNz4KU_W0g_l0q5XfgU1-CT0bQyg63WGAUdEtfilVGwK4W91WxgP-94Eaywy-f85FKO1w2s0YMh9GezqatrfXoV4FNQ5FGkX6DHSWsb5JFYvqjnojeuYcoZK7YggVEcS_GkrnkhRaCNQdE5dZWDtVnT83lW0WdQ1X0g2U2XW4BGpAIDLcpRsN27E0NB-zqPndYI7tF6K-UEZmPo9HoONvsMAHQbXxnnlw-zrmiVGpz04Lp4ptbil6IRXf2hOH_SwOa1y2hymjMnKy8dlRwy_bL3S5nO2WV7OKdSgSXCdOVJbUQ7587mcmqt_1KaK1q7CHnQJsPH8lzKRzX5WDD366aPny7I6nthYhjJibmiB4fsJQB5TWst1rBtGhuujelqYwBTceviHYIDv2sInc2w&cid=CAASEuRod6kYGb3AZsOx21odOAJ71Q
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CipSjIDw8YfzkAvOOjvQPm8mouAOA9KjCY8DozNbMDMCNtwEQASC6hMAzYMkGoAGMk_qrAsgBBqgDAcgDCqoE2AFP0Lf8lf52RS_B1dOgEA7UonO3cVF1MYBliss_AfQyNffFUbjifPOlP99IofNXCMSdNX1e8ABJ3kL0t-_R7OjxtSMXG0IWIfEPs1ZeTXVxC43QQ2mPYBPWJuDXq_sB2siFM9ORCjEYKsy-lXsavWuBfNZXmpE_Rgj-T3__qIJWmCYXNxaybeT-ykQG2QIqDI9uZM07a1SdqxrJKDyt8LwyL3kmaPyzY3x4DY_Zy618DTir3oOOVwyyZSuKXRI3iRfUwkwPrPCh5mFEJCv4lxUvHSZnveqX9PvABIWKjveiA-AEA4gF4oXM_SqSBQYIAxABGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB9zshdQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHCxC5qJACGJWnpJYB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tOTAxNDU2OTkwMTM2NjE2NYAKA8gLAbATqsS7DMgTzMv7CNATANgTDYgUA9gUAdAVAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=yfCYH2LqLCc&cid=CAQSOwCNIrLMSleBL7VEajBrVYoTg_C_a70-JNuFKn8T9W2inBt4lqwimfr0ml1NUXEF9g33pSOLGEsDvLou&template_id=509&vt=10
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcksiUX791PV2ihnkeVdzzCsVY6zlIKzSXVcyH4E9JS2koAHLC-nlCJHqYovpbKsTMk4XTF6udcGfwsFu0s4JTUs2KqQ
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 03:16:23 GMT
x-content-type-options
nosniff
server
cafe
age
7321
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 12 Sep 2021 03:16:23 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 		295 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 14:55:58 GMT
x-content-type-options
nosniff
server
cafe
age
51746
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 11 Sep 2021 14:55:58 GMT
ad
googleads.g.doubleclick.net/dbm/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APciROuNgNEA8gRLsh4zOp8PLdZDsSkj9BUoZOntgRiSw4uJcgfDVrfAzdmHysQHzwk0DYQlASzkuOBYsimJa9qDrPZt6MGe7fQBH5EkM44iw5P0WY3zRFGcwPxh5HNqk57xW30-8jg60ugnfMrKZYp2n2FQ&dbm_d=AKAmf-BUkIqZKjXXKH494ajt7ZiZm0n2X7uFg5c-_WWRMHlOBUAwpFUYgcViTnjGUGRZWiSqS_BTJJOD0VjRZTZlG8mxtACPs9DX5Y257W-Qgx7UbwIkj0BpX7VcTScJ1ZA9A8xzxyVCvvfI3whTvrMTFMH2zqHdHIhPPUWNQR0kzifj6cgZAy0beSVDE5MtozhujEqwmL-gCGZ33VJ2vqpfFtNQeY_vsond5-yNHPPRhbS4HiYkjOJFOvCSO8AcJZYerbNehn-LSuaVuYu3xU_8b0Pz0H2nohJ3-miVyro6BwW4aUZnGPQZpbaNPzWWNeeQK37_qBR9VkVPHlCAmhQLsXd7kct_xANMy9kVL91bkED0eMkSp6SnUCqt8T6MTSP8XtJDyyfCuMx8Wacstgpvg5tE3vnENyP0obmekV0QwYge_1iFA3O6vp9InBrjc3xpxmCuMSCUPkJUGqoD04aPEHR-u5ErLIp_zuIHSFAWLRUU1yVim4MoeczfQ3K6s9levxrtKVxxjMU0W464ZjpVu6A3S2sFLq6Z-wuFSdgzEsUC_1f_lr2_0tAyOf1VB2aGuqPVjrHsLlpZ_MBIe2N9ARAylLbYmNpcWOLOEVyDjEGq7Etd0E5cjGohV47rjePG6rwBplXVunGo51dwVTz9GUkT80ROhoca1Ttj50ve0udQldgE-sO79nz8w7qGSng4TU4alWV1GtEvX7MZnbBhoBELlyaLP-epritKdDriRRZFm_KdXkmiCbDPnYscbkEEBLj3nJ_CFBHeCe8Vobcgkww6TCaW4i8YR-lku9cEsLnrGmhM9EItmvZaYO0y89TjCv_tEcWzmy5N2-BJgQoTleY7ybl8zzZwMFJ7XkAjOHzizKhxuuHssAegUQFECAUa8ki9EquqFboR9Cyb1oKZ7puh1Q6TLRWrMLjurg5iiI4X12wUcMhkxrdqO5x5Nc7HujCgxBbmFZ1Mtgl5m0zxVZc4BoUt4tEJ7hi9F0WKAMmmB_KzFMfHQ74FTW8VQiQfTWvMJAzFobWXc5kwx9NMXAaZ0Ya5TkXtKBp6j4oa9ZTO-sr7YXlATLpYe-FnV0ckcuotuajTknpw_QQc_RM4zQJLTttdnxIfsq63pw39Dfb4HhDRLEEXOQ8JMzR04ZdaR0WEXKKfJmPW2LzgDZfYlHsWRyobflxVIIT2JWahby4equSKKK1Kp_M1rBzZOU6D_tF3RJT-WMjt3dGRnDohmg9q5aPVgfpHXEqabZNir8YIsry-XuuNBl4zrW35bU3GBFwIi6Mm2qdaKXuedn8eEUsJzC1WG4fHd71zef4tiG-YyxnAY_VbE1ZssYpkWODKt6cH53Ky_W5iGh-evt-kgIONhWgApVhWxO3EREdyyGZg52KsOtudOQmeiN-zNDl_iAN3Av8rjJnpwk3MNkiEUvH1z22DReHniT-TkN3DxIrhGegvCfrXrhU2D4E9m8toVKAPbAj9aK_WaFf0ai9Vqohini2p_bBDUnqr9Tn2G0qL5WnuiIAz6sSTh5tSYW3IPYbwEa51pLY73s3NNKZ7Bumoh-mqi8StgrBrnSaclvkvvmj1bZf7lsgJBsgfaGYnID0sW_o2C35lEumR_swto8Um96JnWbN9TAEeHogeZr2rB6kfevQPQWWy2fcNIXVDgWGy-pnoaanYUQNHqRBEhImBsPtTDNIAkSXTR18_RIlrcDQU-MmmGNr03IVAowAbEmeJC4UF-shBy23vxlKIokD7_aht-cQ1PlX9nnCva8wYoJhJd0SwECa2AjI1LEz7vctQiyKVXGgmjfEKh47Abd6JJ_0dO7p07mE6t-gBEog4YFSstwYbAVQ3hxTswuAlqOajqAGzsdbRwcSuUIsJeZvdcHy2iFYAJvKF8AFGh09Naomtndp_MuZrtoiMzdw_Hozz0-XY1cak8dqmlBRXOVKBEyXw1j3VnRmo079QBg-JCXSNMZ4_itn4wNFXsBxTVefzZp4Kt1EdY2OLLXSJceUrZaELrPQ8RQpYTiE4Wi6oUYLnJa43U8EmUOPtT7YoQ0BgrsMSxU8KNfvlWrw6dyucv6IlGiDC-4LB5xsoJ4q2ggySSYqFOiUqNbWlE2BKgHfMjw758z6JRCs0vbxDZ5-Us2VG0gmX4uSqOJAe6cmFhZHKe6FjGvIsMfr2MoxFYai6kYjdE-EpUKO9K9_jU9OssyFYdaWR9iNfHzJ2QKN5ECJJKjm7qchVpib4xVR494RCoEvgp5i7UiVsZYalqvKgCdio9i3t5_phXHmlWqV5ZtSFwxjNh67nd6XJEc-hO5_tPHW_DpOi0GvOXqhbX78sYEXOMGiI13FNC6tsk_Y4dNst7plpaoz5Beau5lYQoG8l9b3N87YrpjeFartz6d_ror9ieNJ0H5E7ismySsPPVTxHIRnuODUoq2bQlMYpxi55uNG6DpVcepgUDA4bSiKWUnMtrX5lzDaZePBd9yRNupf7bg-WLFqsSIB6XZ-_oFL5Nteb5BOS8GL43zEi-cCHjpSSIU96jjYMyZR2k1FWlNiZ-8U-lM6Rz1Fz373T7T5SUk8nDIdpXTBGkhOXlILFy3xcInwlsDcgqPUkfM6CyNRdFpJF-sQZ8batbwXjza_STh7BJu6c3YdPKkAft9e4G0VSzqdPn-iwef9QJV7CVpfco5OBLaYVHrUJHJnHhxofrvPcQA1eCw5exHOjlPpsE6wDj3wdnKYtXXFZ_Cb4kimLn8ejwMsRCN0EYrapVAcKe81jg0nZYkB9VUSK_itRjSFVROSMpVwyLrF0eEsTYi74EOL0XLcXbC4XfIdcd4CxmvZ8cnrwMmWM5EyybOPVNI8zXbcnwNev3R9zhZNQkx6QWAxs2vXSqYTsdGX07OftB2RA3NfYwfT4Q775-fX-UjfdW6LvQ1ZyXjxiXkMe5uWfz_wtbPF2I5AR-iSOT-UWauowe9at4o1IaHhwpNnagwNFUViUflJYvkTlB2ib27ZQnl8PQhAZvZGpGsD_Bybj1BrqRcUvM-HrqtjjtcVzpDoECSEjrmYkb-xkhk1kRJd0ty3oW5shVHr-53ka0yMU7UBwPe_i1iR1t_dCaFftJsYYrXOsHsa19TVRoKT9-fk-LdLVzw9mWTDnoIJnf4X5Hq4K00vSru08MlR4Xyr04ArQQw&cid=CAASEuRoJN-XHZpc3PRVptqed_KkFA
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct2BtIDw8Yf3kAvOOjvQPm8mouAOA9KjCY8DozNbMDMCNtwEQASC6hMAzYMkGoAGMk_qrAsgBBqgDAcgDCqoE2wFP0CW_KZmbjxkbc4Yk-FBokuL3NeRNoePLVOEYX8UEkSq-NzkZHCtccnj74JWyCTs08x1xxBHPA8R6w0kOdgQNDnoS0vLalS5Cs38rJ56l7HAhS8aRfq5H0w_875a0Gva_zlOi_OKJGWAqQXyY_yRrVz97_eCkJNgNRBolhm8nKAEChpj1TSafmNEO8N6poA2SDqte3fNItlnDAgIENwnIE6pLX6kyqxknwMAR3dCZqIvBEJROR6M9JsL7cFe948gyzDgsiK63Uu0VhkxawUUlrtCeds2ziiXVkLzABIWKjveiA-AEA4gF4oXM_SqSBQYIAxABGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB9zshdQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHCxDQ3PYBGJWnpJYB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tOTAxNDU2OTkwMTM2NjE2NYAKA8gLAbATqsS7DMgTzMv7CNATANgTDYgUA9gUAdAVAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=fsQb9ARF8kY&cid=CAQSOwCNIrLMSleBL7VEajBrVYoTg_C_a70-JNuFKn8T9W2inBt4lqwimfr0ml1NUXEF9g33pSOLGEsDvLou&template_id=509&vt=10
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
truncated
/ 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
564e9ddeec90c28b732ab35879a5d647c9d362d5683418d4fa893a2e6684d02b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.js
static.criteo.net/js/ld/ 		84 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:18:24 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 15:58:00 GMT
server
nginx
etag
W/"61154508-14e39"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Sep 2021 05:18:24 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thehackernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 19:59:02 GMT
x-content-type-options
nosniff
age
206362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Sep 2022 19:59:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thehackernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:13:46 GMT
x-content-type-options
nosniff
age
173078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 05:13:46 GMT
rid
match.adsrvr.org/track/ 		109 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1630192405005.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
9448c3afc3d9965b85c0d39671441fa5bbf6a16f5084cfaf83ff2fcad1a61d67

Request headers

Referer
https://thehackernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 Sep 2021 05:18:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 11 Oct 2021 05:18:25 GMT
si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2021/09/sova-new-android-banking-trojan-emerges.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date
Sat, 11 Sep 2021 05:18:25 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvX5dVHaEdRPVLtt9V-AU1F5BCKSr6qXW0xmaiLMlzAlXQdJMKsJJhUGt9vXc527u0sqZ403qQAZ3-dX_FgOyodLCAFU1uTzths6elP8hFvLDzMxJC8268-Az8&sai=AMfl-YQA0vdUpye2qZriU7Anz6ohyzWBcS3mJFt5TCCjP6n-_WZGJhRMYqUY0G7P4Q5Labnon1OrYyUk7sEYh8ItLl9ed1WfTyyQXVMAJkf2nnqPBs990hVmx-41mlA&sig=Cg0ArKJSzD6XhCYmHJIGEAE&cid=CAASEuRoJN-XHZpc3PRVptqed_KkFA&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=400&tls=1400&g=100&h=100&tt=1400&r=v&avms=ampa&adk=1552038371
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 05:18:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
www.google.com
URL
https://www.google.com/pagead/drt/ui
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0QeXs99kZfKbPI5PRuxSyyl6divliOGSBERb6O6-mvEL_DUdgXNr0HYUAA-gcs6IOTosuz3vYn0OuNbaPsBMS9fWAGXNc5ZYlgmw7X2nGekwi-qaifBmegYA&sai=AMfl-YT6K8UvZvyGZa4viBKVELEB7mhzLZoTp21ZPY4z6VqqRDTjDGr_c_LnBx0xKNIv1qiCZU8DryInRged&sig=Cg0ArKJSzNdj6YxypCeMEAE&id=lidartos&mcvt=722&p=701,1031,951,1331&mtos=722,722,722,722,722&tos=722,0,0,0,0&v=20210910&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2569898456&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&eosm=0&rst=1631337502981&rpt=881&r=u&ec=0

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforexrselect boolean| originAgentCluster object| adpushup string| share_url string| share_title function| setImmediate function| clearImmediate object| dvPerf object| _dv_win object| dv_config object| dvbsScriptsInternal object| dvbsProcessed object| _dvScripts function| dv_rolloutManager function| doesBrowserSupportHTML5Push function| dv_GetParam function| dv_Contains function| dv_GetDynamicParams function| dv_createIframe function| dv_GetRnd function| dv_SendErrorImp function| dv_CreateAndGetErrorImp function| dv_getDVUniqueKey function| dv_getDVErrorGlobalScope function| dv_onLoad function| dv_onResponse function| dv_getScriptSRC object| IQPAParams function| dv_AppendIQPAParams function| dv_onError function| dv_getDVBSErrAddress function| dv_sendImgImp function| dv_sendScriptRequest function| dv_getPropSafe function| dvBsType function| dv_baseHandler function| dvbs_src_main object| dv_baseHandlerIns object| dv_handlersDefs object| dv_baseHandler__877755136674 object| $dvbs function| __tagObject_callback_789983608502 function| __verify_callback_789983608502 number| depth function| $ function| jQuery string| currentState object| googletag object| _apPbJs object| hbAnalytics object| apstag object| adpTags object| googlefc function| __d3lUW8vwsKlB__ function| _apPbJsChunk object| _pbjsGlobals string| nobidVersion object| nobid object| _qevents object| dvObj function| np764531 function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| apstagLOADED string| pubcidCookie object| dcmads object| ggeac object| google_js_reporting_queue object| default_ContributorServingLoaderClientJs function| __Y9uNstf385Zx__ object| __fcInternalApiManager object| NmI2NmEyN2Y1NDFlYzE1ZWxvYWRlcl9qcw== string| NmI2NmEyN2Y1NDFlYzE1ZWNhY2hlZF9qcw== string| __fcInvoked string| __fcexpdef boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| Criteo object| goog_ddm_ps object| ampInaboxIframes object| ampInaboxPendingMessages object| dv_baseHandler__56405955315 function| __tagObject_callback_634365260878 function| __verify_callback_634365260878 object| lazySizes object| __cfQR object| default_ContributorIabTcfV2SignalJs function| __m0F0sJOg2G__ function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| google_measure_js_timing object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ object| images number| index object| adsbygoogle function| head function| ga boolean| __cfRLUnblockHandlers object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| google_srt object| google_logging_queue object| google_ad_modifications object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint boolean| 7c75931a-e404-4570-aea9-47553667e3d7 number| __google_lidar_ function| __google_lidar_radf_ function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner boolean| google_osd_loaded boolean| google_onload_fired object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_llp object| google_image_requests object| criteo_pubtag object| criteo_pubtag_prebid_112 object| Criteo_prebid_112 object| AMP_CONFIG object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_MODE object| __AMP_TOP object| __AMP_SERVICES object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS boolean| __AMP_TAG object| AMP function| FormProxy

39 Cookies

Domain/Path Name / Value
.thehackernews.com/2021/09 Name: _dlt
Value: 1
.quantserve.com/ Name: mc
Value: 613c3c1d-21aab-6527e-e5d54
.thehackernews.com/ Name: __qca
Value: P0-646688519-1631337501102
.thehackernews.com/ Name: _pubcid
Value: b648624f-e21c-4d28-948f-cb99c68cff07
.adnxs.com/ Name: uuid2
Value: 5543585230636828560
.openx.net/ Name: i
Value: b648624f-e21c-4d28-948f-cb99c68cff07|1631337501
thehackernews.com/ Name: cto_bidid
Value: 6zCzUV82QTd3UDBZVnlJcTUlMkZmVnhzZTY5d3E5RW9FOW9NY2dVNFVqYzRieUxwVm44V1lxMk01T0h1V2JaUVZtOXBSaVBTM29QNGZoaWNDZ3hkQ044d2lpSHZBJTNEJTNE
thehackernews.com/ Name: cto_bundle
Value: T8kKfF9MTjg5dWNrc1lFS2slMkY3aFo2VFNwTjZoVSUyRnJjTlZXbllkT244d3UzOGgwamxLdHg3Z1JQTlVyTU1SVGpqVTdNaHo3S1lkTTJWVTRwT0h4bFAwVFJZWmZkWTdXWEs5UGY4ZlNiRFhkbm5MZlU5Y2plOGdzQ2w3TlZRb3ElMkZLTzdzag
.connectad.io/ Name: uid
Value: yhHQUr116DcBvnAddpn0gpHSCMmQ3qSK8IZ0Smj5
.thehackernews.com/ Name: _ga
Value: GA1.2.2047285284.1631337502
.thehackernews.com/ Name: _gid
Value: GA1.2.2084177617.1631337502
.thehackernews.com/ Name: _gat
Value: 1
.thehackernews.com/ Name: FCCDCF
Value: [["AKsRol-G8pPL7yG-AjFd_NOj6UzmeJDRu_l93NhCgdLXPuGzqUpNCHbtUBSOSqIpDLoFJ1ku3IeiTcyzFxVDYObn6K7qGoWmPYkEwPDcTz99V50caic5XDMoECkPdS0iApcfvnnKsogCPD3-E2aaJ-WWDNtrsY0bkA=="],null,["[[],[],[],[],null,null,true]",1631337501391],null]
.thehackernews.com/ Name: FCNEC
Value: [["AKsRol-G8pPL7yG-AjFd_NOj6UzmeJDRu_l93NhCgdLXPuGzqUpNCHbtUBSOSqIpDLoFJ1ku3IeiTcyzFxVDYObn6K7qGoWmPYkEwPDcTz99V50caic5XDMoECkPdS0iApcfvnnKsogCPD3-E2aaJ-WWDNtrsY0bkA=="]]
thehackernews.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYAiACKAIwn_jwiQY4AkACSAIQn_jwiQYYAQ..
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.rubiconproject.com/ Name: khaos
Value: KTFC89GV-1L-1141
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVwywYaQOmrhRaqUZrmDgY/CTx+qs1OnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG+vEKleU6LjTam3MjDFVf/xlH9h
.rubiconproject.com/ Name: ses15
Value:
.rubiconproject.com/ Name: vis15
Value: 332834^1
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0C3dmIvlBaij4CY5gngtPJlCGpYhks46aIW1K2fWwhZrKu9O13HCu/EZBbFII7QO8mGweUluV0N0UPf6npJL4OpmvllXEtYN4=
.servenobid.com/ Name: cap_544
Value: 10
.servenobid.com/ Name: cap_610
Value: 10
.servenobid.com/ Name: cap_545
Value: 10
.servenobid.com/ Name: cap_578
Value: 10
.servenobid.com/ Name: cap_611
Value: 10
.servenobid.com/ Name: cap_612
Value: 10
.servenobid.com/ Name: cap_614
Value: 10
.servenobid.com/ Name: cap_607
Value: 10
.servenobid.com/ Name: cap_608
Value: 10
.servenobid.com/ Name: cap_483
Value: 10
.servenobid.com/ Name: cap_593
Value: 10
.servenobid.com/ Name: cap_609
Value: 10
.doubleclick.net/ Name: IDE
Value: AHWqTUlIdbpWr7vpxXtlIJReRC6CgWlp07Xmm0DrjY5m3DZleM5dFJzwSfzvPnqt3ys
.doubleclick.net/ Name: DSID
Value: NO_DATA
.thehackernews.com/ Name: __gads
Value: ID=4d29286e6c64f61d:T=1631337503:S=ALNI_MaW4qGfqNa5UfocjdHlsWHMi3D5ZA
.adsrvr.org/ Name: TDID
Value: f0eae6a9-03d5-42b3-80db-03d9f7459fa2
thehackernews.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22f0eae6a9-03d5-42b3-80db-03d9f7459fa2%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-09-11T05%3A18%3A25%22%7D

40 Console Messages

Source Level URL
Text
javascript warning URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292581945%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292581945%26sid%3D5936378%26dvregion%3D2%26unit%3D300x250(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_789983608502&jsTagObjCallback=__tagObject_callback_789983608502&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=789983608502&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=92&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=34&fec=385&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTauD%40G2%5C%3F6H%5C2%3F5C%40%3A5%5C32%3F%3C%3A%3F8%5CEC%40%3B2%3F%5C6%3E6C86D%5D9E%3E%3D&dvp_exetime=10.40&callbackName=__verify_callback_789983608502, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_789983608502&jsTagObjCallback=__tagObject_callback_789983608502&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=789983608502&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=92&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=34&fec=385&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTauD%40G2%5C%3F6H%5C2%3F5C%40%3A5%5C32%3F%3C%3A%3F8%5CEC%40%3B2%3F%5C6%3E6C86D%5D9E%3E%3D&dvp_exetime=10.40&callbackName=__verify_callback_789983608502, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/dcm/dcmads.js(Line 14)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v78.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/dcm/dcmads.js(Line 14)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v78.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292704445%26sid%3D5936378%26dvregion%3D2%26unit%3D728x90(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.doubleverify.com/dvbs_src.js?ctx%3D607671%26cmp%3D24935727%26plc%3D292704445%26sid%3D5936378%26dvregion%3D2%26unit%3D728x90(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal99.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_634365260878&jsTagObjCallback=__tagObject_callback_634365260878&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=634365260878&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=92&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=8&brh=2&fwc=0&fcl=197&flt=34&fec=488&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTauD%40G2%5C%3F6H%5C2%3F5C%40%3A5%5C32%3F%3C%3A%3F8%5CEC%40%3B2%3F%5C6%3E6C86D%5D9E%3E%3D&dvp_exetime=10.40&callbackName=__verify_callback_634365260878, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 306)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_634365260878&jsTagObjCallback=__tagObject_callback_634365260878&num=6&ctx=&cmp=&plc=&sid=&advid=&adsrv=&unit=&isdvvid=&uid=634365260878&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=92&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=8&brh=2&fwc=0&fcl=197&flt=34&fec=488&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE96924%3C6C%3F6HD%5D4%40%3ETaua_a%60Tau_hTauD%40G2%5C%3F6H%5C2%3F5C%40%3A5%5C32%3F%3C%3A%3F8%5CEC%40%3B2%3F%5C6%3E6C86D%5D9E%3E%3D&dvp_exetime=10.40&callbackName=__verify_callback_634365260878, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.doubleverify.com/dvbs_src_internal99.js(Line 829)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/dcm/dcmads.js(Line 14)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v78.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/dcm/dcmads.js(Line 14)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v78.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://static.criteo.net/
Message:
Refused to frame 'https://gum.criteo.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://static.criteo.net/
Message:
Refused to frame 'https://gum.criteo.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://cdn.districtm.io/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://cdn.districtm.io/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://eu-u.openx.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://eu-u.openx.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://cdn.connectad.io/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://cdn.connectad.io/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://cdn.districtm.io/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://cdn.districtm.io/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://cdn.connectad.io/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://cdn.connectad.io/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://public.servenobid.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://public.servenobid.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://eu-u.openx.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adpushup.com/
Message:
Refused to frame 'https://eu-u.openx.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adpushup-d.openx.net
ads.servenobid.com
adservice.google.com
adservice.google.de
ap.lijit.com
bidder.criteo.com
c.amazon-adsystem.com
cdn.adpushup.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.jsdelivr.net
cdn3.doubleverify.com
cdnjs.cloudflare.com
code.jquery.com
dmx.districtm.io
e3.adpushup.com
f05cb00bbbfe215e93b921c479332c98.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.connectad.io
ib.adnxs.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
prebid-server.rubiconproject.com
prebid.a-mo.net
rtb0.doubleverify.com
rules.quantcount.com
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
thehackernews.com
tpc.googlesyndication.com
tps20515.doubleverify.com
tps20520.doubleverify.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
www.google.com
www.googletagservices.com
104.16.19.94
104.16.68.69
104.18.29.173
104.22.54.206
107.22.113.164
142.250.64.97
142.250.65.194
142.250.65.225
142.250.65.226
142.250.65.238
142.250.80.10
142.250.80.34
142.250.80.35
142.250.80.66
142.250.80.67
142.250.80.68
142.250.80.78
142.250.80.97
142.251.4.157
147.75.38.124
151.101.13.229
172.217.165.134
172.67.70.21
178.250.0.130
178.250.0.157
178.250.2.131
184.30.25.225
204.237.133.116
213.254.244.20
23.97.225.52
35.157.147.162
35.244.159.8
37.252.172.38
69.16.175.42
69.173.144.143
72.251.249.13
76.223.111.131
91.228.74.189
99.84.82.27
99.84.85.10
01297949739ee1e73279eec02f51780e625a13003ebc6497fa92dd6a55a1716d
041343e4e0cea44b99a851d5c94199339e8110ba8074858f8b0b0f6c9e7c86d3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0
0bf957d5426fd541fb253c545ec4d8a9b9a8d06b2d9541d71407582da6921338
0ef8c06f838a4694022779182d58f23f4e5f101c43c31e146770b1d8afe79aa1
0f6a9f4d1bf07f80fcb0d73f7d80cd91b1f604533110ea4a4ae0547590562775
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0
15a0031aa24f2800b7e20473d3693e34f1eb22a88f6875e7efab4df1ae4aaf1f
17a98c3a25d9fd399347ac5d2a961ef3d614fb16ee9ea5b8eb1b3e0c71020839
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
278e8a13d324d852846e09b1c13e8d601d61851f5c65caaec11b19b990eab45e
2bb20b6f1fa70fd76060fede485c9e7e9a7fc76b26662d6294f42df8ebef6d15
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36e86a1e7c8e848dc785509efbea70ff403c6576b0a9fcb00a3c049eca01b360
37bfceb04cc7a18df0c1da8269c382b3b088e870ab39a0987ae17a54589b2dba
3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff
3e2662d2cc5114073ccdc2611e908b3b51990027b5cbb651c69954274e2123db
406a56550c0b340121333c0eadf8f659cf194b2a39c656104e4de08915f4841e
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45f0018fe6f846bc5cbc2d74ceebc5579ad93532f60a8572b652851948fedb85
4900ee5cb3ab33213a8dabe1e3a21030347a7479d64f260f444db6189bfff61c
4a813e1cf51a9ae7ee86be634312b025bc9f6b1a825308c717dcc9b43c0ce25a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d56dff529456e37f9376ce3d34892ba6c1afb742c3a83edde34fd67cf35905a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50af20ac38d336624a3b390f95128c0f07ad47715798b12eba2e5deffcc4ffa4
55fbc547fefa8c036592c8ab30b1e4b7ba3917c41aa96ea1ca2606521eb57295
5602d71c48b45b84797e0836f6f957388fbd2368ad953b380631f4a5563a453a
564e9ddeec90c28b732ab35879a5d647c9d362d5683418d4fa893a2e6684d02b
584da571f67b1e738befcc9acc3412dcb324f43ac172257ee967b6ba8e11621e
59d211ab73efa9773b434e6fef87e6a3a3868fcedcfc98cb5d464672448449e5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6342a2d45033654080009616325a9cd821d396224a1a0e68f695ef74def7c5a6
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1
688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c
6e56358743aa409702be6cbfad0ff4d3e4b829174a0ff4feba89924ac7afed1d
7130671d3dc5e4a2f78ec6a0ed79841ba77e995f52ae073cbe7368b5b14dc387
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
75996eeeb9e9c158c31fba9c956b289f0c42221adcbde274821a52c891680a47
7805b83ba0d102b16fc4aee78be0a14a5214523f324fe5a8fdc8f8e264360d40
786a5ad6793ee0d1c3510eb1bd3a334233dcbaa9c1ecd68649506e03ead622fc
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
819cca72414b7b4684b4e7f9f00d357aa8b52dc794531c421f87ee3face16808
8301ecbaea6924afc70648d6bb74bba76e3761422bd49e1fc12d02f434a4cfce
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
877b00a77d87000d3a8fea6daa60acd48a256484cff1ff34ef1edfd728bd1ad8
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
9448c3afc3d9965b85c0d39671441fa5bbf6a16f5084cfaf83ff2fcad1a61d67
94e98a0f4b5808542f3712b65a83cbac3cbe04aceacdcdc012bcf06b36b070a4
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
96bbda56c90388fb55aa25c7f6645cd6c3d7e8dd5cab8490605556486b5f0c14
97d66c75b11c855491b00fc9433a6bdf0d6b59dda36321842b1530c19154e9bd
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ac8d2f2be577b89fdbd26a497ece0c0bc127dd2ed5676119e0055b62e4daf48e
aee6ce9e6026aab897e6a28be76318a9434c63b425ae8ea7d6fb4d0541a30348
b02909d8ae8ba1131219a8178239d69815f55f9224211ea60b4cb8dc5f7f2714
b0e0c47bb6d6b45757c3368699ba8473bfe7824bcdfcd232916e66530a5ac17f
b3c9b18745caf04dd75236c06f5b262a2c50ff99106797776eacbb905f0e95b0
b6cb266d2584ba20b179b93155cf3788d2b1f3ce0303e7fc9e4bb78506fbc918
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8f3b6afbeefabbe7324616ab00072eddf278c5c46680235d1450f0868fdd5a3
b9ee9bc28a8d598e0f75cdd1317defabe37dff3657a772bff532096451e8922a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb668f5b914a3a51619e1d07d4ed7b0562992306736c78834478292740ddbd68
bc731bfcf04ea5d554c6c469fabbaf5c8fc449850438bd5f243dbfc2c69b12ba
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c68e658ce97b0eaa5517f657418493d63effe82e0544f57cc44e4c69c1e46244
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690
c85aeb5ee1085ab01b9a39284ba7e65c2d9b53f805442e636dc5923fb6b34f76
c9a9c0b68251513288e324516fc86ffc96401a3597c6b0586c02203492b3bc15
cadedca735c6ec45885014e69884b741d9ef44349cd95c9271ae066216d49f6e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd277b479bb821c52d95118a17fb1529671d81106fc011675c4912491f06f147
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d3c362ebb327634ef54c1a337b0d58dd0266d894937d55956f44b4bfb9943fcc
db3dd2c12b9b59fef4c130e93c8da20487f8b0edf4e4e833ae9706c018c0d7e7
de0e9a8ccecb80cf52d488a6b59aabe9c8eeb74978a744507c42eb13fa4fc031
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e01ddff81ef43d93f47545eb333edda3130c28ec9b62ed8a71100f1cbfd94887
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eae76cb616003cb3e918dfd9f58d63cc8e832aa9d11a9eda64b1476af57e746a
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
eb9c848ec9da18d752c1860659a158b81fa29012bc255c09b684d19707fcbf14
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f21d843e28fda5fd9d8768f419bb4595168b054df839606e7cf203ad781a510b
f712971813cc7aa211b229ed8d779906cf944a365640622934b26bf132bcdae3
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02
f88c1e6840897c00f95c76e9d31f19061b76f1c441808874a309d4b39bcb5ed7
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62