securityaffairs.co Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html
Effective URL:
https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Submission: On June 26 via api (June 26th 2023, 12:31:56 pm UTC) from DE — Scanned from NL

Summary HTTP 98 Redirects Links 72 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 98 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.co. The Cisco Umbrella rank of the primary domain is 531020.
TLS certificate: Issued by GTS CA 1P5 on June 22nd 2023. Valid for: 3 months.

This is the only time securityaffairs.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
40	2606:4700:303... 2606:4700:3031::ac43:8cd3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	99.84.88.50 99.84.88.50	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:10:... 2606:4700:10::6816:3bc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26d... 2600:9000:26da:a400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.158.33.255 35.158.33.255	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
98	21

4 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

securityaffairs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2606:4700:3031::ac43:8cd3 (United States)

ASN13335 (CLOUDFLARENET, US)

securityaffairs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-50.muc50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:3bc7 (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:a400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.33.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-33-255.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	securityaffairs.com securityaffairs.com — Cisco Umbrella Rank: 564738	844 KB
14	wp.com i0.wp.com — Cisco Umbrella Rank: 3755 stats.wp.com — Cisco Umbrella Rank: 3092 pixel.wp.com — Cisco Umbrella Rank: 2850	236 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	204 KB
6	gstatic.com fonts.gstatic.com	147 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	299 KB
4	vlitag.com services.vlitag.com — Cisco Umbrella Rank: 27809	151 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	3 KB
4	securityaffairs.co 2 redirects securityaffairs.co — Cisco Umbrella Rank: 531020	24 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2890 adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124	5 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4986 buttons-config.sharethis.com — Cisco Umbrella Rank: 5695 l.sharethis.com — Cisco Umbrella Rank: 5019	46 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1832	54 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	611 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 7979	408 B
98	14

	Domain	Requested by
40	securityaffairs.com	securityaffairs.co securityaffairs.com
12	i0.wp.com	securityaffairs.co
7	pagead2.googlesyndication.com	securityaffairs.co pagead2.googlesyndication.com tpc.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	securityaffairs.co www.googletagmanager.com
4	services.vlitag.com	securityaffairs.co services.vlitag.com
4	fonts.googleapis.com	securityaffairs.co
4	securityaffairs.co	2 redirects securityaffairs.co
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.nl	securityaffairs.co
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	pixel.wp.com	securityaffairs.co
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	stats.wp.com	securityaffairs.co
1	platform-api.sharethis.com	securityaffairs.co
98	22

This site contains links to these domains. Also see Links.

Domain
securityaffairs.com
intelcrawler.com
i0.wp.com
www.linkedin.com
www.xylibox.com
malwaremustdie.org
www.facebook.com
twitter.com
www.pinterest.com
plus.google.com
www.tumblr.com
www.cssii.unifi.it

Subject Issuer	Validity	Valid
securityaffairs.co GTS CA 1P5	`2023-06-22` - `2023-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
securityaffairs.com GTS CA 1P5	`2023-06-22` - `2023-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
vlitag.com GTS CA 1P5	`2023-06-02` - `2023-08-31`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Frame ID: C7192D9AE51FF7D892D525BCFF2C2D3E
Requests: 92 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
Frame ID: 921104B83F9911B8AFA1C7F8C64557F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1687782711&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.co%2F22121%2Fmalware%2Fjackpos-pos-malware.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687782711228&bpp=350&bdt=245&idt=672&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5817644610733&frm=20&pv=2&ga_vid=1019009748.1687782712&ga_sid=1687782712&ga_hid=176392936&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532278%2C42532280%2C44759876%2C44759927%2C44759837%2C44788441&oid=2&pvsid=725105105721583&tmod=2071939241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=700
Frame ID: 50630EC3722FB3F38ED61685857495D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 09C9BEB647C3FA2513543DACAFCB3221
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B8BB53A3C5017190AC24381975E42B54
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JackPOS malware presented as a Java Update SchedulerSecurity Affairs

Page URL History Show full URLs

http://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html HTTP 301
https://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html HTTP 301
https://securityaffairs.co/22121/malware/jackpos-pos-malware.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

98
Requests

98 %
HTTPS

80 %
IPv6

14
Domains

22
Subdomains

21
IPs

3
Countries

1967 kB
Transfer

4121 kB
Size

9
Cookies

72 Outgoing links

These are links going to different origins than the main page.

URL: https://securityaffairs.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/cyber-crime
Title: Cyber Crime

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/cyber-warfare-2
Title: Cyber warfare

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/apt
Title: APT

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/data-breach
Title: Data Breach

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/deep-web
Title: Deep Web

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/digital-id
Title: Digital ID

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/hacking
Title: Hacking

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/hacktivism
Title: Hacktivism

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/intelligence
Title: Intelligence

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/iot
Title: Internet of Things

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/laws-and-regulations
Title: Laws and regulations

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/malware
Title: Malware

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/mobile-2
Title: Mobile

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/reports
Title: Reports

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/security
Title: Security

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/social-networks
Title: Social Networks

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/terrorism
Title: Terrorism

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/category/ics-scada
Title: ICS-SCADA

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/extended-cookie-policy
Title: POLICIES

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/contact
Title: Contact me

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/147809/malware/trojanized-super-mario-bros-game.html
Title: Trojanized Super Mario Bros game spreads malware

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/147801/cyber-crime/twitter-hacker-sentenced.html
Title: Twitter hacker sentenced to five years in prison for cybercrime offenses

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/147797/breaking-news/security-affairs-newsletter-round-425-by-pierluigi-paganini-international-edition.html
Title: Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/147788/intelligence/unsolicited-smartwatches-us-army.html
Title: Someone is sending mysterious smartwatches to the US Military personnel

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/147782/hacking/known-exploited-vulnerabilities-catalog-apple-bugs.html
Title: CISA orders govt agencies to fix recently disclosed flaws in Apple devices

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/147774/hacking/vmware-vcenter-server-memory-corruption-bugs.html
Title: VMware fixed five memory corruption issues in vCenter Server

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/author/paganinip
Title: Pierluigi Paganini

Search URL Search Domain Scan URL

URL: http://intelcrawler.com/about/press10
Title: post

Search URL Search Domain Scan URL

URL: https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos_1.png

Search URL Search Domain Scan URL

URL: https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos-2.png

Search URL Search Domain Scan URL

URL: https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos-3.png

Search URL Search Domain Scan URL

URL: https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos-4.png

Search URL Search Domain Scan URL

URL: https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos-5.png

Search URL Search Domain Scan URL

URL: https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos-6.png

Search URL Search Domain Scan URL

URL: https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos-7.png

Search URL Search Domain Scan URL

URL: https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos-8.png

Search URL Search Domain Scan URL

URL: http://intelcrawler.com/about/pmim
Title: global

Search URL Search Domain Scan URL

URL: https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/POS-malware-map.jpg

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pub/pierluigi-paganini/b/742/559
Title: Pierluigi Paganini

Search URL Search Domain Scan URL

URL: http://www.xylibox.com/
Title: http://www.xylibox.com

Search URL Search Domain Scan URL

URL: http://malwaremustdie.org/
Title: http://malwaremustdie.org/

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html?share=twitter&nb=1
Title: Twitter

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html#print
Title: Print

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html?share=linkedin&nb=1
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html?share=facebook&nb=1
Title: Facebook

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html?share=tumblr&nb=1
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html?share=pocket&nb=1
Title: Pocket

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/credit-card
Title: credit card

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/cybercrime
Title: Cybercrime

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/data-breach
Title: data breach

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/database-breached
Title: Database Breached

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/fraud
Title: fraud

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/hacking
Title: Hacking

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/intelcrawler
Title: IntelCrawler

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/jackpos
Title: JackPOS

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/java
Title: Java

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/neiman-marcus
Title: Neiman Marcus

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/pos
Title: POS

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/shopping-season
Title: shopping season

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/target
Title: Target

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/tag/underground
Title: underground

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fsecurityaffairs.com%2F22121%2Fmalware%2Fjackpos-pos-malware.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fsecurityaffairs.com%2F22121%2Fmalware%2Fjackpos-pos-malware.html&url=https%3A%2F%2Fsecurityaffairs.com%2F22121%2Fmalware%2Fjackpos-pos-malware.html

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fsecurityaffairs.com%2F22121%2Fmalware%2Fjackpos-pos-malware.html&media=https%3A%2F%2Fsecurityaffairs.com%2Fwp-includes%2Fimages%2Fmedia%2Fdefault.png

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fsecurityaffairs.com%2F22121%2Fmalware%2Fjackpos-pos-malware.html

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fsecurityaffairs.com%2F22121%2Fmalware%2Fjackpos-pos-malware.html

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https%3A%2F%2Fsecurityaffairs.com%2F22121%2Fmalware%2Fjackpos-pos-malware.html

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/22104/security/honey-encryption.html
Title: Honey Encryption deceives attackers with fake data

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/22159/cyber-crime/400gbps-distributed-denial-of-service.html
Title: Largest Ever 400Gbps Distributed Denial of Service NTP Amplification attack hit Cloudfare

Search URL Search Domain Scan URL

URL: https://www.cssii.unifi.it/vp-89-il-center.html

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html?amp=1
Title: Go to mobile version

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html HTTP 301
https://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html HTTP 301
https://securityaffairs.co/22121/malware/jackpos-pos-malware.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

98 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request jackpos-pos-malware.html Show response
securityaffairs.co/22121/malware/
Redirect Chain

http://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html
https://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html
https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

97 KB
22 KB

631ms
630ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903b71b465e0b0800d27587a4fe604157dce730b45d63dca8a8ab08d4f9aaf32

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 7dd57833cc360b3e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Jun 2023 12:31:50 GMT
link: <https://securityaffairs.com/wp-json/>; rel="https://api.w.org/" <https://securityaffairs.com/wp-json/wp/v2/posts/22121>; rel="alternate"; type="application/json" <https://securityaffairs.com/?p=22121>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35%2BKiKr8AFSc%2BchTuP0bS508LO5SGQg9P0wFCfIl8FME785C%2Bdl4XEBufhJngfQQMceXABEDEFqJcb6TLuLM%2BRq%2Ff8pzNpfA%2BEZp0Ln5dWVHtVC5A3KyuaCqFvMIl%2BhhroKLTp0mow6oLg9HI0VO1yQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7dd578331ae60b3e-AMS
content-type: text/html
date: Mon, 26 Jun 2023 12:31:50 GMT
location: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emi3LId1rmNVqJoa5lwCFk%2BViCZFfHLvlEXJUDKW4xkhY79j6pi6XzEfALS11yHsWn%2F3a6MtGGQ%2FAsLKcfYLPxDrd1GLcriLWcEQeotoyT1WFwTf4heA%2FEFQLvqIY%2FfPTujQVER2c2rivTz2CeJ6KJ0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 184ms
83ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c38fee45a86f075a384833b7098f3bee203f0404be0c0369242a1b1abd5f186f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
Origin: https://securityaffairs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48129
x-xss-protection: 0
server: cafe
etag: 8459882091600543339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 12:31:51 GMT

GET
H2 200 style.css
securityaffairs.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 113ms
35ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=e5229016af3a6f31e914059643d9f09a
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1009b5a8852ca3fdbdacabac3778cf9dea8f91a58d36466a5fe20d0441ead1f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 518163
cf-polished: origSize=104503
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-19837"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9%2FP1NljNbBeyOOdl0Px%2FzrSKth85mb9XXUItD222TOu%2FOktOGT9sY0wSKu3w%2F68LbkF2AQ0Ebv7ZWyoPdFDH0%2Bge8bq%2Bh8%2Fhe67BG4pcWk4L65z7KISVrvK85r7dK88446yK%2FPueIn6PoeuM72bnDZa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578384e140b52-AMS
expires: Tue, 27 Jun 2023 12:35:48 GMT

GET
H2 200 view.css
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/ 602 B
590 B 112ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=34ae973733627b74a14e
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 474942
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 21:52:07 GMT
server: cloudflare
etag: W/"648cd987-25a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUrgdeqJUoXVWpZZCVEUIfGmWmN6dNU1YKhCj6E7kUA8W5u3tBisniHsvo06obMniHYAMinEJgDxXxBRDJ1jI75fHzVxHDu09J%2F%2FGsP50DgsFrY2gBlHJ1aeVBv%2F%2BObbq83l4WI%2FPPXBBHEFCFJhOIDZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578384e170b52-AMS
expires: Wed, 28 Jun 2023 00:36:09 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/ 11 KB
3 KB 113ms
35ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 535098
etag: W/"5fd15e34-2bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZyMY2bbaHbysUsbmlSX3%2BfzvDGBB0o9DHQF%2Fpa7j%2FRtc8wjaBRBPnGNHFFHBZqIvGM7tNaTLj30wuHDKRr7JSckHK1hkP3BpYndfgftUggYxh1WpM3m9K2s6CoQEfUvYMfDcgD2kyO0zT25OWPsdDpz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578384e190b52-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Jun 2023 07:53:33 GMT

GET
H2 200 wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/ 4 KB
1 KB 112ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=e5229016af3a6f31e914059643d9f09a
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 474942
cf-polished: origSize=4960
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 13 Nov 2019 23:52:08 GMT
server: cloudflare
etag: W/"5dcc9728-1360"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRsaTcw2PJGCxWddrRl3bg8P5yYWmnJ07lLBazRmHAierwNNy7RufMw2xDdq7YWAPbj93cK8EUT3Z%2BWO3bGnrOZQ68gofqNrwb6SQnVDJJGSC%2FhgrhrPfk1pfPPUDecTfA8ja8vR9cTkmde5uz%2FwAAz1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578384e1a0b52-AMS
expires: Wed, 28 Jun 2023 00:36:09 GMT

GET
H2 200 classic-themes.css
securityaffairs.com/wp-includes/css/ 257 B
716 B 111ms
33ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/css/classic-themes.css?ver=e5229016af3a6f31e914059643d9f09a
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ea1f3c6951b71eb83050cd630f9c7c1c736b5b277d38a0e4465d80a5e53d4d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 278990
cf-polished: origSize=729
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-2d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1GxRNdxDstqOX3KVRZg60CeVAnfBYSWkbFlnlELYEBBXP2eLJu%2FYFBO%2FWOExetwk5ufxKcBjuqdlXpvZLld8iVWzCGYavBAGAGD052qVE7pU0Rotd2P1W01%2BG3uv%2FzN7eyMtOmnU%2FjY8aBODaTUiY6H"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578384e1b0b52-AMS
expires: Fri, 30 Jun 2023 07:02:01 GMT

GET
H2 200 cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 3 KB
1 KB 138ms
60ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.9
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 214025
cf-polished: origSize=3106
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Apr 2023 22:52:14 GMT
server: cloudflare
etag: W/"644c4e1e-c22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZ8nfZRLD2F4gAWCu9AkpgHl6dZJQue7TqhIzInu3bDbfX5FTKy3RlQppCm31FKv%2FrkL968BXqQHUmacsMrVYCdZpfdo9rdwe1nwacBNyLZVJZiM6kDvX6Rx1r4%2B1W9k3i7hBS1PlcOHiur05iXt%2FPNu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578386e580b52-AMS
expires: Sat, 01 Jul 2023 01:04:46 GMT

GET
H2 200 cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 22 KB
4 KB 139ms
61ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.9
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 214025
cf-polished: origSize=27249
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Apr 2023 22:52:14 GMT
server: cloudflare
etag: W/"644c4e1e-6a71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vn%2B1JEdb7AoyHUwYB7oAncp1ZClUykxtAt9iPMJpw%2BDymZDAavUuZaowx%2BfGHd7YTbBwlf10Eo%2BaVWP8ezYS7g0DUXXR7vvTrlmAFMIzb8n9J%2FCbSJY9kyxIbnsF47Pehy9lW7LQGK3GpCJvHbZWgAej"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578386e5a0b52-AMS
expires: Sat, 01 Jul 2023 01:04:46 GMT

GET
H2 200 custom.css
securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/ 15 KB
3 KB 146ms
68ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513193
cf-polished: origSize=19858
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 13:54:59 GMT
server: cloudflare
etag: W/"56716d33-4d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVaGmrSgifwFZ3Uu9SsY%2Bl4c9VjE5Bh8AhsDmWuNbD3rJR%2FUXJrkyvCo3Wpn8FeHH3uBtk51V%2BBVASDmiJj4SE4cjrn9MRmU1vtoTO2Fv5EGwxCAwfVnyQJs8xeD%2F42bj6mWaMEEnBp7EDC3kx15SagA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578386e640b52-AMS
expires: Tue, 27 Jun 2023 13:58:38 GMT

GET
H2 200 tipsy.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 461 B
580 B 145ms
67ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 299432
cf-polished: origSize=539
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: cloudflare
etag: W/"56710b7c-21b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6KaRn1L3aWYgYwUoHJCOtUhIX9bHeH%2FqyY17XFWD45uw5%2F%2Fy8mwOLiK%2FzOqT83rJWLqQaD%2FYLFz5hBUqQq8tV64kpywmnAQcIF7XTTxoOBvEo%2B0QB87yDgsRIZJOwh%2FR%2BXjLvU5q8YyeD8lmoyBoFRZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578386e5d0b52-AMS
expires: Fri, 30 Jun 2023 01:21:19 GMT

GET
H2 200 flexslider.css
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/ 5 KB
2 KB 144ms
67ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 526579
cf-polished: origSize=6225
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 13:55:09 GMT
server: cloudflare
etag: W/"56716d3d-1851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eTX0dpHnrQTZ0ekyN2BcZvQZra43X6WDzfrXA5%2FzSUVCgU%2BLR7F3IXckHRAUz8noPg%2BG36WfAfAnYT4qy1VA%2BzSpaIbxx6PRUbJaulPSaAyTycShComZljcGRSyRxPrx3agUr4%2FPpBDZ%2F%2FtUseM%2Buzz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578386e6b0b52-AMS
expires: Tue, 27 Jun 2023 10:15:32 GMT

GET
H2 200 animation.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 1 KB
698 B 147ms
70ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 365846
cf-polished: origSize=1716
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: cloudflare
etag: W/"56710b7a-6b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pli8G4NvZclmXsGVyVWlSAhipSb5t8SYUunryaNqt7eg8nEb%2F3uASvrE%2F5a2ZKC3giZ0nWdTvJXYTM8RmhShsAwYUFlfuEymA9cJwGlgMTyfpjjGd8pro9WM%2B%2B62tiTLqx6qiWWj%2BJQjQqIXQfrj%2B5Ek"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578386e6d0b52-AMS
expires: Thu, 29 Jun 2023 06:54:25 GMT

GET
H2 200 font-awesome.min.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 17 KB
4 KB 115ms
38ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 512756
etag: W/"56710b7a-4574"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9QxRHF1VSroL9GuyMuSK%2FmdvB%2BIHLOn9M3GwItJpZaM6rWd2cEaIfidwgvdgDV%2FtfOVpwtZ3O%2Fr7zuuT48v%2FBam8BUHto9hJiCeBtg3%2B1URU4m9jCPqQQfxcMpkEt2gv%2BST0YIHdgTIscMYMvBskWvd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578384e1f0b52-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Jun 2023 14:05:55 GMT

GET
H2 200 swipebox.css
securityaffairs.com/wp-content/themes/rigel_old/js/ 3 KB
1 KB 136ms
59ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 453254
cf-polished: origSize=4493
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
server: cloudflare
etag: W/"56710b8a-118d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dv%2BFoE1tm9M2Yx2Al4Sn4OjokIdeO%2Bl4EJQWiC62lSWTBgvs3QBALnDUBcy8dljUBjQYg%2FN7eEBo5NOlBoL8xpqmlC3p8UsEbtwIH%2BigB8D8jvpwHk9k8gAUXlDEKjd%2F%2BZYQKurUsK%2BAB5OkCPUy7n%2BB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578384e1e0b52-AMS
expires: Wed, 28 Jun 2023 06:37:37 GMT

GET
H2 200 jquery.circliful.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 264 B
675 B 141ms
65ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 472499
cf-polished: origSize=334
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: cloudflare
etag: W/"56710b7a-14e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQnNKXhJc5OWxMtT4Y1jQlqhwLqlO6I2l%2Fnea%2F0Z2RSq%2FNKBoVKXCCIyB3oZQchQb%2BG4IkuHM4WpQ8%2BzpgN61yrKHmHKD30VETvppX6mmo4apdxUd205Z0yo3V50KI2qzZipC5coDl2jReeXWhylHezd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578386e620b52-AMS
expires: Wed, 28 Jun 2023 01:16:52 GMT

GET
H2 200 screen.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 95 KB
18 KB 115ms
39ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541931
cf-polished: origSize=112708
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: cloudflare
etag: W/"56710b7c-1b844"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h596bteXZIXG9pyrXOdfMcXdoB9hZDCSD0KJpwmIDy%2B6OgzaULmuxiiiiT7t%2BqS3UmgTyzqv1TPtWcMS%2F4%2BC2Ai1rGj%2FPdgJaNnKIqcIbcPYSCVSLk6%2BE9DVRRo92ZisyLbt1EOCoCC8SmEjSEYyte0o"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578384e1c0b52-AMS
expires: Tue, 27 Jun 2023 05:59:40 GMT

GET
H2 200 custom-css.php
securityaffairs.com/wp-content/themes/rigel_old/templates/ 12 KB
2 KB 562ms
485ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba7c2311986ffb857dac36c0269f59bd9eb78fbf7435f2a2ebe5ba3af6fb9b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zpqMKSp1WhrWVRcdSzqobFFwza1RSMSkviwWdxL6yIDptOfFR63mCmQiqTVrU91MrAUdZ54KRj%2FvzJ7rSq6JdUCu9aokq%2FALS4i02INoiDJcUXlsQf%2BFFs59CS06vNJ9DIlCt4SMl%2BBrrQRy2u2sQAG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset: UTF-8;charset=UTF-8
cf-ray: 7dd578386e5e0b52-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1015 B 123ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=e5229016af3a6f31e914059643d9f09a

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77a97368f8991ef6bcba68e58a58f0aa3aaa1e61b687bb5f2c7930d12800de13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
Origin: https://securityaffairs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 12:31:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Jun 2023 12:31:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
886 B 116ms
41ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=e5229016af3a6f31e914059643d9f09a

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
Origin: https://securityaffairs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 11:02:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Jun 2023 12:31:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
681 B 124ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=e5229016af3a6f31e914059643d9f09a

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e63ce5b7ed21eed9e79e149fd15071f7d52af26b7b50b23af810cfe3b50f7a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
Origin: https://securityaffairs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 12:22:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Jun 2023 12:31:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
658 B 126ms
52ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=e5229016af3a6f31e914059643d9f09a

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c31c872bd1b263e86b8127059907e0c7e94c0985a85acd24d856f4d9aa294db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
Origin: https://securityaffairs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 12:31:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Jun 2023 12:31:51 GMT

GET
H2 200 grid.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 43 KB
8 KB 139ms
63ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/grid.css?ver=e5229016af3a6f31e914059643d9f09a
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172110
cf-polished: origSize=50674
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:03 GMT
server: cloudflare
etag: W/"56710b7b-c5f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxRMd4R0RVVyQQW1II%2FVUz6ZBYemTmycSBH0MHwhk1HdmMOAbQYXWIzZoe9gTVLKuloWcOoLyR5CbH4iMlLSz%2Bj7VV4UvUUoGJnBoj2gRTxaviRDcOa8KpIcvc5sm237Q1tVRb12rrq8e4Sx8lA6MMOj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578386e5f0b52-AMS
expires: Sat, 01 Jul 2023 12:43:21 GMT

GET
H2 200 sharing.css
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/ 16 KB
3 KB 142ms
67ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=12.2.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93c1ac24fad6ffb0de84e1f56b111e8b177d68a2948ffe1c87d9c02bb68b2d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215833
cf-polished: origSize=19408
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 21:52:07 GMT
server: cloudflare
etag: W/"648cd987-4bd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dh%2BbEfm0uenekZSUJyjgMOsbBfLFsqaJKcgJT9E2LL9qyJyd24IcKZavWW4n3OL%2BRZ0G0ivLvghkE%2BnDdlH59427EGUg8EBlUb1FrMO5drfvI8KCBZwPZDkfwv6Yk3r1NmVrL%2FEBl1w9sPMBUDghxrbo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578386e660b52-AMS
expires: Sat, 01 Jul 2023 00:34:38 GMT

GET
H2 200 social-logos.css
securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/ 11 KB
8 KB 137ms
62ms Stylesheet
text/css 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.css?ver=12.2.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee86b02e97bfb8f83af87a4f7991c713e1e90dce091524c0c675b393091b6ff7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215833
cf-polished: origSize=12101
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 21:52:07 GMT
server: cloudflare
etag: W/"648cd987-2f45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iOiBcpt%2BMQY8CsVWgGMXRD3zwkJk%2Fqd%2Bovhrtie2e2hylWPXXIxyILF9q4%2BZAL%2FcPg%2FwalQQZn1a45FzJQ%2BUDYSFqa%2FtNvt6bm2EO5VPWrkfpYrlDqyE733JaaBh4AxSothe3eReDC35o6bzJExUJDy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7dd578386e680b52-AMS
expires: Sat, 01 Jul 2023 00:34:38 GMT

GET
H2 200 jquery.js Show response
securityaffairs.com/wp-includes/js/jquery/ 142 KB
42 KB 149ms
73ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.6.4
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e52be898a7afbbfa119fdb5a95ca82c2b914da8d756404f7e5c7e0b6ff1928

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 468696
cf-polished: origSize=292478
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-4767e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xndK2%2BEocMt6XYHGjgdRccfbDQ4Pogzq343mmQuQkGv8GmJwz2P%2FUfK%2F%2Fc82FzXa%2FxotsOguyOsS5I0M%2BR%2FaGSMSmA0KDVWk7FTIJog%2BuVLJuE1wPh%2FARM%2BOtYf9KEKDXqFr2gE7LUGkGJJBuTI%2FIi5N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd578386e720b52-AMS
expires: Wed, 28 Jun 2023 02:20:15 GMT

GET
H2 200 jquery-migrate.js Show response
securityaffairs.com/wp-includes/js/jquery/ 18 KB
6 KB 141ms
66ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.0
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4baf058901663c6879894c0067cf923fa200cb95a0a4c25b1471a62c2a63c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 362056
cf-polished: origSize=30789
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-7845"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veKy6vNPlxQAVPEwaWi9r2fmV1Qzu0zukDQu8w20HrxMn4%2FiDxO1K45ZX2HsA%2BuU%2BpAKhYKd6dRBfU5Vq99WGHVsbOjTQM0UOsAyZH%2F4wkHmQX6%2Bo1fhNH0AhZWWtGBTHNYb48iZJ8C8%2FMH%2FN0sLQvM4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd578386e700b52-AMS
expires: Thu, 29 Jun 2023 07:57:35 GMT

GET
H2 200 cookie-law-info-public.js Show response
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 27 KB
7 KB 144ms
69ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.9
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 214025
cf-polished: origSize=34179
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Apr 2023 22:52:14 GMT
server: cloudflare
etag: W/"644c4e1e-8583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eyYEHQ2crrfZmXEAdh80Ff3XG9hrmMKEqZNINPgsADVVZfCAguQOY8mo08xWkjbFP1QPCoXw98DuTFSDzBLF%2Fy34L1P3vkxAEimmGHpERc7aTp0R9o9JyYokE4FfUkkzJveW6MsMlWriMQ%2Fc5CFb0Vz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd578386e740b52-AMS
expires: Sat, 01 Jul 2023 01:04:46 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 201 KB
45 KB 141ms
46ms Script
text/javascript 99.84.88.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-50.muc50.r.cloudfront.net

Software

Resource Hash

e9b6e5d6207dea3753f55720cef88d4c6a60758ffacb7808ec6081b2a63bbc5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:27:24 GMT
content-encoding: gzip
via: 1.1 e01f54b21119ff385b2879b6a08078e0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-C1
age: 278
etag: W/"3225f-sMYnyFmnB+/njI8u5nwE2QPqhYo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: B8rGTTQWOmym8qr35ABSWDA24XOQM-_C2fyzeSyu16BsRZBuG1hk7g==

GET
H2 200 / Show response
services.vlitag.com/adv1/ 567 KB
146 KB 257ms
182ms Script
application/javascript 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b075b7044f1410c30fb5c0ecf3ecff7f760ca31c51fa605707275d177bb3c1b0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
cf-polished: origSize=580689
etag: W/"221a5a398da89ace8729d1cd3c481ec7 2023-06-22T01:14:50 v1 default"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 7dd5783becb8b770-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jackpos_1.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/ 19 KB
19 KB 86ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos_1.png?resize=470%2C179

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c37f0638aea7427161e04791736d419b581672d91342c43f74fed6caaf93fc23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jun 2023 13:34:33 GMT
server: nginx
etag: "989ad30840be3d5e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos_1.png>; rel="canonical"
content-length: 19232
expires: Mon, 23 Jun 2025 01:34:33 GMT

GET
H3 200 twemoji.js Show response
securityaffairs.com/wp-includes/js/ 17 KB
5 KB 167ms
166ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/twemoji.js?ver=e5229016af3a6f31e914059643d9f09a
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 301847
cf-polished: origSize=33089
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-8141"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkyhdYgu3IHiJJpu%2Fqg%2F9HTMGRrH74VHF%2FAzSffor5uRDTGdK8nAd%2FCZd9vYuxXcBmUBMvUu0%2BR8kLSm81Ey57A9dBVuWiWf7rS1cGFnl0cQgc1qzr2wvsbOe2U%2BmkADlhmcQTt7QCcT1%2FhJOOn3k4vx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783b79b60c71-AMS
expires: Fri, 30 Jun 2023 00:41:04 GMT

GET
H3 200 wp-emoji.js Show response
securityaffairs.com/wp-includes/js/ 4 KB
2 KB 168ms
167ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=e5229016af3a6f31e914059643d9f09a
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 278515
cf-polished: origSize=8969
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-2309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5vy23EVTEZEjtvsL4B7UVPz97lWWotSJW2Le%2F%2Fb1SbdjGkeiwyTmKideS8wCWUpeMAFEoMHn3XJTmHRO2702al81mDDBWJNSXB1yylNpZuwQ7hP%2B8zt%2BEW%2FOrGOJlHSa43tDBQ2BqabhwPnHD%2FJKj%2Bv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783b79b80c71-AMS
expires: Fri, 30 Jun 2023 07:09:56 GMT

GET
H3 200 image-47.png
securityaffairs.com/wp-content/uploads/2023/06/ 601 KB
602 KB 63ms
63ms Image
image/png 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2023/06/image-47.png
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7d71d48502737ece5bf0878e80f215649c87080123dd8e57a6c271e4edea7ca

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42747
alt-svc: h3=":443"; ma=86400
content-length: 615846
last-modified: Sun, 25 Jun 2023 23:06:09 GMT
server: cloudflare
etag: "6498c861-965a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqWjRNQSt9mhYDPr80qp6EwWZmarfBNZcbZaD3sR%2FRRAqHsqp03nlUBluAK%2BaTG5B2UK5cDM06c6Km8n7brJ%2FrTwgxT1LEwdDu8INfyy2M6Ybe3%2B1ef3faxKtfWcJEuN3TnJB4kkApSrlnmnumJKfL6H"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7dd5783b79b90c71-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 DoJ.jpg
securityaffairs.com/wp-content/uploads/2015/03/ 51 KB
52 KB 37ms
36ms Image
image/jpeg 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2015/03/DoJ.jpg
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698efec41dc5a5946ae4a26a456cad7646bb9cb56a479ee89b76160cccba142e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64307
alt-svc: h3=":443"; ma=86400
content-length: 52674
last-modified: Wed, 16 Dec 2015 11:43:09 GMT
server: cloudflare
etag: "56714e4d-cdc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8np0C3Ujl3mK8QTZmDsshirMzMihH5q%2FyYe7L%2FlVaSYDXtEab7fY2aM%2FjkMhpe5%2FuXgIafzOGtyOPCigNdpef%2BapuTKKiY0JJKX1cddolpZWU8AAYYWNgQNIWkGfoJ1nB7QoiIRwj2MgnONb39v%2B54dp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7dd5783b79ba0c71-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 email-decode.min.js Show response
securityaffairs.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 30ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityaffairs.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Jun 2023 09:29:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64941465-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epz4KsMRSnc9mnHxorRFb%2FxIT7D2qPnx7r9xXEmc9Fu4YOgR2sFZZrJ5EyR9DKjvs%2Ba05LEJBFiZjXpdP0yZR19vHtwoF1QecP5s8Jg3nr2Qg6RXqItd92leAaCJG%2FajtS%2Bg3hZTbn0ebMqoHyWiL6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7dd5783938a6b761-AMS
expires: Wed, 28 Jun 2023 12:31:51 GMT

GET
H2 200 Honey-Encryption-2.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/ 4 KB
4 KB 86ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/Honey-Encryption-2.jpg?resize=296%2C170&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6726257bf91f6c971363480bb63164537b19bfd2d3c34133196f755922dda986

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jun 2023 13:34:32 GMT
server: nginx
etag: "7d179a6fa56be528"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2014/02/Honey-Encryption-2.jpg>; rel="canonical"
content-length: 4416
expires: Mon, 23 Jun 2025 01:34:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
87 KB 175ms
98ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae03a6f166707bd6d859e1df470965bdd79c6f2eeffbe7790c0829f9a92b1c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89006
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 12:31:51 GMT

GET
H2 200 image-cdn.js Show response
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 701 B
710 B 33ms
32ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 474942
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 21:52:07 GMT
server: cloudflare
etag: W/"648cd987-2bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmQa1tkYQDs6spPkpIA4vU%2BgmdqjrBJx6QJQ0SWhWbtWLhvX%2FNr4yx1nDHACk8%2FSY4LdMLfJD5Au646tWYt%2F1u%2BT3H7%2FLFfZE0UyiKr04iOm8sTIvoHUZhNSgW%2BWoUgQdW%2BkV3D1aJ%2BVtfxDaDzOU9IM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd578396ffe0b52-AMS
expires: Wed, 28 Jun 2023 00:36:09 GMT

GET
H2 200 ssba.js Show response
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ 2 KB
1 KB 36ms
35ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1686486772
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82948
cf-polished: origSize=3110
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 11 Jun 2023 12:32:52 GMT
server: cloudflare
etag: W/"6485bef4-c26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AW4gPLyrny%2BGm38HOa2iImtvjZom2o096C2QuxHU18CTDvOeQxs2tumDOlA4ij5vyvx33xXHqf%2FcfbYOq2GpRJgxnMeuiqzg4U68ErDOECbT1P%2B7NILuQ%2B1PlGh8jAVAhmiQGPs63wclZsIP6rK4cp%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783998430b52-AMS
expires: Sun, 02 Jul 2023 13:29:23 GMT

GET
H3 200 hint.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 467 B
801 B 39ms
39ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 301847
cf-polished: origSize=987
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: cloudflare
etag: W/"56710b89-3db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7VvWjUI1Y8%2BHMvhBdMwi5ZjYWJYUXPsOg6a3vHXzUzHWPztqo9DhEk0qmxK3cb3CV55iHt%2BO62gpiXlrQlDtjmYlJEk4%2FmAyV3RwTjInHJvQ2p5JJTK12oFCyCEspdMIrziEQQ9F2OsDn4DYKLS6tk8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd57839d8b50c71-AMS
expires: Fri, 30 Jun 2023 00:41:04 GMT

GET
H3 200 jquery.tipsy.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 2 KB
1 KB 34ms
33ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124383
cf-polished: origSize=4371
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: cloudflare
etag: W/"56710b89-1113"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8q6eq7KjNAPtAtY%2FWYyYvwwXKHBwONm7jw2DLP%2FNuHpHXW6EoPYiazyn4wrA%2BGZEmjw4m1Ysr2CFGSsR0Vog8raIN39ABaG8UwIKBSTmdXSGWvh7a0sEy2pzRLP%2FyT%2F4APn0uBEmlBh%2BsNdndMBFRVm%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783a28ed0c71-AMS
expires: Sun, 02 Jul 2023 01:58:48 GMT

GET
H3 200 jquery.easing.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 4 KB
1 KB 38ms
38ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124382
cf-polished: origSize=8097
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: cloudflare
etag: W/"56710b89-1fa1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rI5XMqOSF5crXSO1R8DS%2F9rmHI0O5KkndYMjNbfHaJCimAzEBqpBI%2BtHw9qTJNq9arqIRB%2BRr2WSAI2rJ1nJQ8p0NDJTSgbAaUO3EHIAOGOxP3tep%2FUhTWlp6QrQfhQmc4cEtWYZh0Ygi%2F%2FPyLf1YXU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783a69100c71-AMS
expires: Sun, 02 Jul 2023 01:58:49 GMT

GET
H3 200 browser.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 2 KB
1 KB 34ms
33ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124382
cf-polished: origSize=2614
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: cloudflare
etag: W/"56710b88-a36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2PNQz%2B1fA6HJHy4w3VvkjNzDdBLq1Gfd9vJisPsFx0NZsALnI7EcmNTvL7LZYxlkFN15SVdeM6h6Zr%2FE2gVwywhUvfDaeuW%2F8AIayIQtT3cgKSB5RdrR5Ahc4bsy8NK%2BzQw4Cvrmj1NwW0%2Fk3s2uN6G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783aa9370c71-AMS
expires: Sun, 02 Jul 2023 01:58:49 GMT

GET
H3 200 jquery.flexslider-min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/ 21 KB
7 KB 35ms
35ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 13:55:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 322331
etag: W/"56716d3e-53ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwLAeimLzNIc13gSOkUsayQEJwe2PSssYT0gl%2BWYWWOReYT9AZjogbd7jW6NIOUNmZSmVJ%2BKAgcJLtVnyMP8T6tgeTuXpx0YbzcbKgqAYsPdl%2B5mzGd570GWCYNv6GOFg4Wj4RolIRisqXMohQcJb3As"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783ad9560c71-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 Jun 2023 18:59:40 GMT

GET
H3 200 waypoints.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 8 KB
3 KB 34ms
34ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301847
etag: W/"56710b8a-1f6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roq%2Bhz5UN9uNSGQnNAmYjPoD%2Bj2KmJxteff7oGCTKyR68bu5tABv0lqiW0Tp0FwHZv02PnT3lqfcKGijD%2FnNglPldNMY4sO3LCZX9VB4eI3ylKSZ8XCSSznivWjh8BGERbSm1aEjims2IRW%2Fu%2B6Xo65N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783b197b0c71-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 30 Jun 2023 00:41:04 GMT

GET
H3 200 mediaelement-and-player.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/ 69 KB
20 KB 35ms
34ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 13:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149883
etag: W/"56716d42-11571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzb8TG0tZ1qLm7gvm2%2B2XEUj7Jfl%2FDvhLwcCLlzCLVVdZSR9SAIeL4BgfiMC%2B0PZ2UxZayoVhNTZvLvepRtrhSzxqKY3xVDkwKM2iNq0Vu%2BaqpFb4rpzQleJfSjIpmQzEI8sfhkLcMfC7fuuH6l%2Bflhj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783b499a0c71-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 01 Jul 2023 18:53:48 GMT

GET
H3 200 jquery.swipebox.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 11 KB
4 KB 32ms
32ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 199854
etag: W/"56710b89-2a67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAka7gsKJx3TiKm2uJ2pjtAYc%2BEOr%2B0dd0S3CubYAcFx8bF6ohoXzBCpOJrtSvsugEAgj4v7yNmVi26bibpQxav1nW7ScYNj0%2FSKyC%2B1n%2Bvh5dkhQtfGRUl48Dm%2FoPfPbGX6E%2BC4UdmwE3L2MY57WF%2BF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783b499c0c71-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 01 Jul 2023 05:00:57 GMT

GET
H3 200 jquery.circliful.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 3 KB
1 KB 167ms
167ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 199854
etag: W/"56710b89-c18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2B7jgNeJHAb0Do%2BEP4sZ94i14wJgu1CwJgF0ZWzwZM8IhmKCNqvuxZe4DTbMbRtJWKGg3hVexmZaRnRtsdza1TSUyO%2BPyoRHOQw3NjhRwswAgMbOUumeOSzpy%2F4e%2F4JedZ99d%2ByN9EjRVDHPdH8oF9Zw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783b69b10c71-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 01 Jul 2023 05:00:57 GMT

GET
H3 200 jquery.smarticker.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 13 KB
4 KB 167ms
167ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 124382
etag: W/"56710b89-3225"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOqgrU6y%2BQqPthSy7TLPVlT9mgAKIXr9on7FZ9LGIcMCuKyL0hr1EPhTis793ZUzPUzYRmqTGj67tOeGUmF71LoHaYHd1jra4cDSUPMqXFhgeLZLP%2BgBKx2ntl2zRkTsHknmmpbKi1RZd1XdGZBI60qv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783b69b20c71-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 02 Jul 2023 01:58:49 GMT

GET
H3 200 custom.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 10 KB
3 KB 167ms
167ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 149883
cf-polished: origSize=12756
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: cloudflare
etag: W/"56710b88-31d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtaVOBldwMDNCrwlZvqvdNy768IVdhSdTo%2FWxkphO%2BDEfCkh0Pkuez8IJ5p2DFiw%2F%2FplgEdNmsBPyZLm4IMLfSeapG9T%2BR7zU3sO%2BySB%2BCL%2FaAuHQi9y%2FBkpi1JO4FHKbeNiXez7mPTm4VBpxJRbEm%2BT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783b69b40c71-AMS
expires: Sat, 01 Jul 2023 18:53:48 GMT

GET
H2 200 e-202326.js Show response
stats.wp.com/ 13 KB
4 KB 86ms
25ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202326.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams
date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
last-modified: Fri, 19 May 2023 02:56:22 GMT
server: nginx
etag: W/"6466e556-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 23 Jun 2024 22:01:33 GMT

GET
H3 200 sharing.js Show response
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/ 12 KB
4 KB 63ms
63ms Script
application/javascript 2606:4700:3031::ac43:8cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=12.2.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 301847
cf-polished: origSize=18206
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 21:52:07 GMT
server: cloudflare
etag: W/"648cd987-471e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfkiXmt3phMPm%2FSTM4aacJ5FzbRwq9DKrjbgDKJOMAqPR6LIugO16tEjdyKCtOU0zoa7rQfUUdHPE9ExWySAq%2B4wkJ4ilL3fZVo8In1sazAhe%2BJc%2F9fint7YIY3DZrBI5oWuG%2BNzOPev7d495gJOHNfl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7dd5783b69b50c71-AMS
expires: Fri, 30 Jun 2023 00:41:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/ 356 KB
119 KB 177ms
109ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a140f8910f967d602bb8503dffbc322902686f8b0755f893dd20beb14b1a4a08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122045
x-xss-protection: 0
server: cafe
etag: 12172074407162651720
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 12:31:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/ Frame 9211 10 KB
5 KB 105ms
32ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 12597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 09:01:54 GMT
etag: 15057649708203361565
expires: Mon, 10 Jul 2023 09:01:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 63aa5463b92caa0012f81022.js Show response
buttons-config.sharethis.com/js/ 438 B
885 B 151ms
50ms Script
text/javascript 2600:9000:26da:a400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/63aa5463b92caa0012f81022.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

db4312bece8d50799c3e99a316a58218a527df0f25b93c3e075e04712e20cacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:18 GMT
via: 1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P4
age: 34
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 438
last-modified: Wed, 28 Dec 2022 04:37:49 GMT
server: AmazonS3
etag: "d0446970cab2a3b08a2f4f8bdf2fbef7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
x-amz-cf-id: l0bqwiMmNnPlckl47k3PfAL84QGjQsBaC8iLb9gFsq_4XB6jSq3eFg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
43 KB 122ms
45ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4912921f307f129d565cc35d51f45d645f309229170e2a4fbaef731e0c840c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43997
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Jun 2023 12:31:51 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
405 B 173ms
45ms XHR
text/plain 35.158.33.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.co&location=%2F22121%2Fmalware%2Fjackpos-pos-malware.html&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fsecurityaffairs.co%2F22121%2Fmalware%2Fjackpos-pos-malware.html&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=JackPOS%20malware%20presented%20as%20a%20Java%20Update%20SchedulerSecurity%20Affairs&cms=unknown&publisher=63aa5463b92caa0012f81022&sop=true&version=st_sop.js&lang=en&description=JackPOS%20was%20detected%20by%20security%20experts%20at%20IntelCrawler%20firm%20several%20days%20ago%20and%20it%20seemed%20based%20on%20code%20from%20%E2%80%9CAlina%E2%80%9D.%20Attacks%20on%20POS%20are%20on%20the%20rise.%20A%20new%20strain%20of%20Point-of-Sale%20malware%20named%20%E2%80%9CJackPOS%E2%80%9D%20was%20discovered%20by%20IntelCrawler%2C%C2%A0a%C2%A0cyber%20intelligence%20firm%20from%20Los%20Angeles%2C%20confirming%20the%20growing%20trend%C2%A0of%C2%A0Point-of-Sales%20malware%C2%A0after%20the%C2%A0Target%C2%A0data%20breach.%C2%A0JackPOS%C2%A0was%20detected%20several%20days%20ago%20%5B%E2%80%A6%5D&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.33.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-33-255.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 12:31:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://securityaffairs.co
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 109ms
34ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=e5229016af3a6f31e914059643d9f09a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 161406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 15:41:45 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 200ms
126ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=e5229016af3a6f31e914059643d9f09a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 16:07:35 GMT
x-content-type-options: nosniff
age: 159856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 16:07:35 GMT

GET fontawesome-webfont.woff
securityaffairs.com/wp-content/themes/rigel_old/fonts/ 0
0

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 35 KB
35 KB 178ms
104ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=e5229016af3a6f31e914059643d9f09a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 15:17:34 GMT
x-content-type-options: nosniff
age: 249257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jun 2024 15:17:34 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 184ms
110ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=e5229016af3a6f31e914059643d9f09a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 169241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 13:31:10 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 154ms
81ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=e5229016af3a6f31e914059643d9f09a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 22:07:14 GMT
x-content-type-options: nosniff
age: 224677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24448
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jun 2024 22:07:14 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 137ms
63ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=e5229016af3a6f31e914059643d9f09a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 10:40:31 GMT
x-content-type-options: nosniff
age: 179480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 10:40:31 GMT

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d

Request headers

Referer
Origin: https://securityaffairs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 jackpos-2.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/ 37 KB
38 KB 40ms
27ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos-2.png?resize=476%2C293

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

72133d32df2afc6b9627d461268f0b37980034d4ab0a575912b80bcca5e6c609

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jun 2023 13:34:33 GMT
server: nginx
etag: "5d68fa33c14d073e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos-2.png>; rel="canonical"
content-length: 38272
expires: Mon, 23 Jun 2025 01:34:33 GMT

GET
H2 200 jackpos-3.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/ 10 KB
10 KB 70ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/jackpos-3.png?w=703&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

db2175fffb1a59f6b07a5b10c728a0d7cdbe90e33794678d0d958d4da934578b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jun 2023 13:34:32 GMT
server: nginx
etag: "0083699a4f7f5bba"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2014/02/jackpos-3.png>; rel="canonical"
content-length: 9932
expires: Mon, 23 Jun 2025 01:34:32 GMT

GET
H2 200 jackpos-4.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/ 26 KB
26 KB 86ms
73ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/jackpos-4.png?w=708&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e5a60c03a7ac0033874b06898e7d33e5baa504587739cab70acbed545d69c1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jun 2023 13:34:32 GMT
server: nginx
etag: "9709d79c62f26a59"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2014/02/jackpos-4.png>; rel="canonical"
content-length: 26432
expires: Mon, 23 Jun 2025 01:34:32 GMT

GET
H2 200 jackpos-5.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/ 25 KB
25 KB 73ms
71ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/jackpos-5.png?w=708&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b34b10bbc97d3457a9e8c59779850e01d45160be2c72ac4e5f7bdb0eb3635cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jun 2023 13:34:32 GMT
server: nginx
etag: "86e1931a2946a108"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2014/02/jackpos-5.png>; rel="canonical"
content-length: 25826
expires: Mon, 23 Jun 2025 01:34:32 GMT

GET
H2 200 jackpos-6.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/ 16 KB
16 KB 73ms
72ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/jackpos-6.png?w=708&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b0eaabca31ab1a868f8b464116c58bad92ddf1115263cf5468d537cd1c2f0c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jun 2023 13:34:32 GMT
server: nginx
etag: "46757f7a56cc5af8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2014/02/jackpos-6.png>; rel="canonical"
content-length: 16334
expires: Mon, 23 Jun 2025 01:34:32 GMT

GET
H2 200 jackpos-7.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/ 24 KB
25 KB 360ms
359ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/jackpos-7.png?w=707&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

daf92c82c637532aeb9ecd9f35a952a776f9cbe815d85022545b463a44fa45f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: MISS ams 4
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Jun 2023 12:31:51 GMT
server: nginx
etag: "a842072eb8ece7b7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2014/02/jackpos-7.png>; rel="canonical"
content-length: 24980
expires: Thu, 26 Jun 2025 00:31:51 GMT

GET
H2 200 Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/ 30 KB
30 KB 73ms
71ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:11:29 GMT
server: nginx
etag: "d7d085e9626a91ca"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length: 30524
expires: Thu, 26 Dec 2024 13:11:29 GMT

GET
H2 200 logo-center-for-cybersecurity.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/ 7 KB
7 KB 74ms
72ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams 8
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:11:29 GMT
server: nginx
etag: "1b2f6a2d233ae477"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length: 7234
expires: Thu, 26 Dec 2024 13:11:29 GMT

GET
H2 200 newsletter.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/ 19 KB
19 KB 73ms
72ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:11:29 GMT
server: nginx
etag: "a2818519aa04bc5c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length: 18968
expires: Thu, 26 Dec 2024 13:11:29 GMT

GET
H2 200 EU-Blog-e.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/ 13 KB
13 KB 74ms
72ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg?resize=300%2C251&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:11:29 GMT
server: nginx
etag: "9aeac3c1faf0be1c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg>; rel="canonical"
content-length: 13098
expires: Thu, 26 Dec 2024 13:11:29 GMT

GET fontawesome-webfont.ttf
securityaffairs.com/wp-content/themes/rigel_old/fonts/ 0
0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 31ms
25ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=22121&tz=0&srv=securityaffairs.com&j=1%3A12.2.1&host=securityaffairs.co&ref=&fcp=1551&rand=0.7956998880373409
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Jun 2023 12:31:51 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 49ms
46ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8fceafc7ecd0393e6419c24b76f7493464aec7a4503e8deba1f98ad4fdb2d64f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 12:31:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
87 KB 58ms
56ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

595e42a0472c8bb244bfd86447300b521dc17e5b77bf431eec9d6cea848ab437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89090
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 12:31:51 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
246 B 105ms
33ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NPN4VEKBTY&gtm=45je36l0&_p=176392936&_gaz=1&cid=1019009748.1687782712&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687782711&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.co%2F22121%2Fmalware%2Fjackpos-pos-malware.html&dt=JackPOS%20malware%20presented%20as%20a%20Java%20Update%20SchedulerSecurity%20Affairs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 12:31:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 107ms
33ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPN4VEKBTY&cid=1019009748.1687782712&gtm=45je36l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 12:31:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 161ms
58ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPN4VEKBTY&cid=1019009748.1687782712&gtm=45je36l0&aip=1&z=23305838

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 12:31:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
611 B 148ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-4918072057181794

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

642a995679078d578ef8f725a4778c17771b0f100d1663d4822b4bea5cef85a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 211ms
68ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 12:31:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5063 603 B
218 B 169ms
168ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1687782711&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.co%2F22121%2Fmalware%2Fjackpos-pos-malware.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687782711228&bpp=350&bdt=245&idt=672&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5817644610733&frm=20&pv=2&ga_vid=1019009748.1687782712&ga_sid=1687782712&ga_hid=176392936&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532278%2C42532280%2C44759876%2C44759927%2C44759837%2C44788441&oid=2&pvsid=725105105721583&tmod=2071939241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 12:31:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 221a5a398da89ace8729d1cd3c481ec7.json Show response
services.vlitag.com/cli/ 42 B
365 B 225ms
166ms XHR
application/json 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/cli/221a5a398da89ace8729d1cd3c481ec7.json?hn=https://securityaffairs.co
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93145e0aea5fb8c0cacd12e48f4d74629e8d7e096d43aba6cfa1c0a5046b34ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 12:31:52 GMT
cf-cache-status: BYPASS
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 7dd5783e1e160a50-AMS
content-length: 42
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 31ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P62M3QN974&gtm=45je36l0&_p=176392936&cid=1019009748.1687782712&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687782711&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.co%2F22121%2Fmalware%2Fjackpos-pos-malware.html&dt=JackPOS%20malware%20presented%20as%20a%20Java%20Update%20SchedulerSecurity%20Affairs&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 12:31:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 82ms
81ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230620&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25c85a490770eb8ff4648310ebb18e10ca33550a0dc78378c6576af48b80d7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11192
x-xss-protection: 0

GET
H3 200 vl.json Show response
services.vlitag.com/vld/1687752649/ 13 B
274 B 170ms
170ms XHR
application/json 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/vld/1687752649/vl.json?page_url=https%3A%2F%2Fsecurityaffairs.co%2F22121%2Fmalware%2Fjackpos-pos-malware.html
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:52 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Jun 2023 12:31:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 7dd5783f2f920a50-AMS
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H3 200 221a5a398da89ace8729d1cd3c481ec7.json Show response
services.vlitag.com/obj/1687752649/ 30 KB
4 KB 36ms
36ms XHR
application/json 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/obj/1687752649/221a5a398da89ace8729d1cd3c481ec7.json?cc=NL&hn=https://securityaffairs.co
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071eed9e10b7a57813a55dba330592a65b4338c432986b346edbeecd2a44e6ca

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 06:47:15 GMT
server: cloudflare
age: 18400
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
cache-control: public, immutable, max-age=31536000
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 7dd5783f2f930a50-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 209ms
59ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 12:31:52 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 09C9 13 KB
5 KB 36ms
34ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 8332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 10:13:00 GMT
expires: Tue, 25 Jun 2024 10:13:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B8BB 783 B
1 KB 120ms
44ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f75bd45a9e2e9e70cd92415211f01b76c157afd1aa0740165b13ffe6cb168e7e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rVIrOvK3cIgeMjtVy4nN0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securityaffairs.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-rVIrOvK3cIgeMjtVy4nN0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 12:31:52 GMT
expires: Mon, 26 Jun 2023 12:31:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 09C9 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 10:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Jun 2024 10:42:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B8BB 0
0 68ms
67ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230620&jk=725105105721583&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 09C9 0
10 B 60ms
59ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nmrB7w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 12:31:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
69ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230620&jk=725105105721583&bg=!IyClIHTNAAYQ3eRoMN07ADkAdvg8WqHwUL7pn7_LvnuCz_p6jVwQjeFrV3Te_OgG2PUMOf-4lbImKz4tG8XkN6Xa5LnUknJ_AAICAAAAWlIAAAACaAEHCgBtJsok6x_1vqwQv5WFvRSar6QGQc95gXI06kW2ke8cOXb345QNVUIUs85dIK6jze5XVRZWKSxUNfvqKjisVhucc7YGHkeaua4l2Wz-g_hOE_m1vAe4JsXra2KxITYnuA_elJvT14wAe8zV2yo6R5kCpmUv3cJZ39kSxi4O-o8q6YcyVg7AlZvc3rRSSQ60i6iaRS7bV45fERGpZ354cmCEex1LqRhTEQfKoinPmp0wJ6eshizLrZsImVRFndAOv3WzVHpfEjwK9shriFKxnCwBIRJo3V_nRqPzXYVZovPCKXKdeIwUC2jgpFzQfedWHklHsZSLm8r5mJu01QwIXKuM4U2f17X72cEzvswtEzcrTuoyDC_S2GgvoccVS6RSnCTdvKnJPWBm5VPREHFcCq1CM5trlIKXZVZWhqikYSvHMUgfnaCeXAgEgRfHoYXDXeH8ClnK5hbJGA63hx_lWGDOj1i6-BuUCzRdKGs-KLxqkY5IN3MMZwMd1PodxYA2FxqtSGieY81FDVnKu3pMl_f-GaFuHXGyhVzc6LyFLZ_BmDGAXF2UZZ7q8c6n381gIKiYhDRQCSYXwKryKwQE5NLpUGCOMVDHFV9t78y5CZDpDAYLfMATGukNXdyirlLQR-WpIWtIldwe5PkMPIbbef4DSOnJ73oWr8ekH0fL5Z3_xuHIljubqNidSd8NJxrUdEA6kLMqFo3n2WAfPZh4-KQTEVuyU7hzKa842JWxlIQs20G2dFEH-_HEwnukTdL7k4CQbXxp1JSalpTa89_OTDgiq2BCGIjjoAulpMBnUfAjb0wLo7PfE7l4Um42vJaAGHb0Rk9y7Kx-Lxi3z_x52hEfx15q1M1HUYAmtLEN7vf8wLTrJHw9A3InGwL5Ux4RZUFbk5Gl13IEn39ADRImZDxEetyqF_d05HK6vml8CEFOX78fLAerxQikpyZ1hhWMwFPb36YsymoO2iU6915LfRWuM0Y0YZFLiEu8fcc5ykGDNseK2LA8i8seYmuVAX2JwEcD9llHA4h9iA17HpGXD62DGvK43qWf1Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3

Domain: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.ttf?v=4.0.3

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
securityaffairs.co/	1970-01-20 21:35:18	Name: cookielawinfo-checkbox-necessary Value: yes
securityaffairs.co/	1970-01-20 21:35:18	Name: cookielawinfo-checkbox-non-necessary Value: yes
.securityaffairs.co/	1970-01-20 22:25:42	Name: _ga_NPN4VEKBTY Value: GS1.1.1687782711.1.0.1687782711.60.0.0
.securityaffairs.co/	1970-01-20 22:25:42	Name: _ga Value: GA1.1.1019009748.1687782712
.securityaffairs.co/	1970-01-20 22:25:42	Name: _ga_P62M3QN974 Value: GS1.1.1687782711.1.0.1687782711.0.0.0
.securityaffairs.co/	1970-01-20 22:11:18	Name: __gads Value: ID=9fba23dbff542d7e-221fea43fee100e1:T=1687782712:RT=1687782712:S=ALNI_MZxWKrzAkgQfpeCVFnSub7iP5eXwA
.securityaffairs.co/	1970-01-20 22:11:18	Name: __gpi Value: UID=00000c6b54b9a079:T=1687782712:RT=1687782712:S=ALNI_MYegH40z3XGVcPYX8-_vs3cWEADcw
.doubleclick.net/	1970-01-20 12:49:43	Name: test_cookie Value: CheckForPermission
securityaffairs.co/	1970-01-20 14:16:06	Name: __ppIdCC Value: aexuritywddwira_xon21087786716695

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html Message: Access to font at 'https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3' from origin 'https://securityaffairs.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://securityaffairs.co/22121/malware/jackpos-pos-malware.html Message: Access to font at 'https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.ttf?v=4.0.3' from origin 'https://securityaffairs.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.ttf?v=4.0.3 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1687782711&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.co%2F22121%2Fmalware%2Fjackpos-pos-malware.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687782711228&bpp=350&bdt=245&idt=672&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5817644610733&frm=20&pv=2&ga_vid=1019009748.1687782712&ga_sid=1687782712&ga_hid=176392936&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532278%2C42532280%2C44759876%2C44759927%2C44759837%2C44788441&oid=2&pvsid=725105105721583&tmod=2071939241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=700 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
buttons-config.sharethis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
platform-api.sharethis.com
region1.analytics.google.com
region1.google-analytics.com
securityaffairs.co
securityaffairs.com
services.vlitag.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
www.google.com
www.google.nl
www.googletagmanager.com
securityaffairs.com
192.0.76.3
192.0.77.2
2001:4860:4802:34::36
2600:9000:26da:a400:c:abe:f440:93a1
2606:4700:10::6816:3bc7
2606:4700:3031::ac43:8cd3
2a00:1450:4001:809::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::2001
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c0a::9d
2a06:98c1:3121::3
35.158.33.255
99.84.88.50
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b
071eed9e10b7a57813a55dba330592a65b4338c432986b346edbeecd2a44e6ca
1009b5a8852ca3fdbdacabac3778cf9dea8f91a58d36466a5fe20d0441ead1f7
12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2
167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25c85a490770eb8ff4648310ebb18e10ca33550a0dc78378c6576af48b80d7f3
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431
2ba7c2311986ffb857dac36c0269f59bd9eb78fbf7435f2a2ebe5ba3af6fb9b2
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f
3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
4912921f307f129d565cc35d51f45d645f309229170e2a4fbaef731e0c840c51
51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
595e42a0472c8bb244bfd86447300b521dc17e5b77bf431eec9d6cea848ab437
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642a995679078d578ef8f725a4778c17771b0f100d1663d4822b4bea5cef85a6
6726257bf91f6c971363480bb63164537b19bfd2d3c34133196f755922dda986
698efec41dc5a5946ae4a26a456cad7646bb9cb56a479ee89b76160cccba142e
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
72133d32df2afc6b9627d461268f0b37980034d4ab0a575912b80bcca5e6c609
73e52be898a7afbbfa119fdb5a95ca82c2b914da8d756404f7e5c7e0b6ff1928
751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
77a97368f8991ef6bcba68e58a58f0aa3aaa1e61b687bb5f2c7930d12800de13
7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d
7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50
7c4baf058901663c6879894c0067cf923fa200cb95a0a4c25b1471a62c2a63c8
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6
8fceafc7ecd0393e6419c24b76f7493464aec7a4503e8deba1f98ad4fdb2d64f
903b71b465e0b0800d27587a4fe604157dce730b45d63dca8a8ab08d4f9aaf32
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4
914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93145e0aea5fb8c0cacd12e48f4d74629e8d7e096d43aba6cfa1c0a5046b34ff
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254
a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a140f8910f967d602bb8503dffbc322902686f8b0755f893dd20beb14b1a4a08
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ea1f3c6951b71eb83050cd630f9c7c1c736b5b277d38a0e4465d80a5e53d4d
a93c1ac24fad6ffb0de84e1f56b111e8b177d68a2948ffe1c87d9c02bb68b2d1
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543
ae03a6f166707bd6d859e1df470965bdd79c6f2eeffbe7790c0829f9a92b1c94
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
b075b7044f1410c30fb5c0ecf3ecff7f760ca31c51fa605707275d177bb3c1b0
b0eaabca31ab1a868f8b464116c58bad92ddf1115263cf5468d537cd1c2f0c5c
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31
b34b10bbc97d3457a9e8c59779850e01d45160be2c72ac4e5f7bdb0eb3635cef
b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934
c31c872bd1b263e86b8127059907e0c7e94c0985a85acd24d856f4d9aa294db9
c37f0638aea7427161e04791736d419b581672d91342c43f74fed6caaf93fc23
c38fee45a86f075a384833b7098f3bee203f0404be0c0369242a1b1abd5f186f
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5
d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
daf92c82c637532aeb9ecd9f35a952a776f9cbe815d85022545b463a44fa45f9
db2175fffb1a59f6b07a5b10c728a0d7cdbe90e33794678d0d958d4da934578b
db4312bece8d50799c3e99a316a58218a527df0f25b93c3e075e04712e20cacf
e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a60c03a7ac0033874b06898e7d33e5baa504587739cab70acbed545d69c1f1
e63ce5b7ed21eed9e79e149fd15071f7d52af26b7b50b23af810cfe3b50f7a1a
e9b6e5d6207dea3753f55720cef88d4c6a60758ffacb7808ec6081b2a63bbc5e
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ee86b02e97bfb8f83af87a4f7991c713e1e90dce091524c0c675b393091b6ff7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f75bd45a9e2e9e70cd92415211f01b76c157afd1aa0740165b13ffe6cb168e7e
f7d71d48502737ece5bf0878e80f215649c87080123dd8e57a6c271e4edea7ca

securityaffairs.co Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

98 %HTTPS

80 %IPv6

14 Domains

22 Subdomains

21 IPs

3 Countries

1967 kBTransfer

4121 kBSize

9 Cookies

72 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

securityaffairs.co Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

98 %
HTTPS

80 %
IPv6

14
Domains

22
Subdomains

21
IPs

3
Countries

1967 kB
Transfer

4121 kB
Size

9
Cookies

98 HTTP transactions
1 data transactions