Submitted URL: http://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html'
Effective URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Submission: On July 04 via api from US — Scanned from NL

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 82 HTTP transactions. The main IP is 172.67.140.211, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com. The Cisco Umbrella rank of the primary domain is 593253.
TLS certificate: Issued by WE1 on June 11th 2024. Valid for: 3 months.
This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
54 securityaffairs.com
securityaffairs.com — Cisco Umbrella Rank: 593253
2 MB
8 wp.com
i0.wp.com — Cisco Umbrella Rank: 4434
stats.wp.com — Cisco Umbrella Rank: 3745
pixel.wp.com — Cisco Umbrella Rank: 3684
157 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
214 KB
4 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5168
buttons-config.sharethis.com — Cisco Umbrella Rank: 5857
l.sharethis.com — Cisco Umbrella Rank: 5781
94 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
185 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 8088
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
248 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3125
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
2 KB
1 securityaffairs.co
securityaffairs.co — Cisco Umbrella Rank: 846866
528 B
82 12
Domain Requested by
54 securityaffairs.com 2 redirects securityaffairs.com
6 i0.wp.com securityaffairs.com
6 pagead2.googlesyndication.com securityaffairs.com
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.googletagmanager.com securityaffairs.com
2 platform-api.sharethis.com securityaffairs.com
1 www.google.de securityaffairs.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 pixel.wp.com securityaffairs.com
1 fonts.gstatic.com fonts.googleapis.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 fonts.googleapis.com securityaffairs.com
1 stats.wp.com securityaffairs.com
1 securityaffairs.co 1 redirects
82 17
Subject Issuer Validity Valid
securityaffairs.com
WE1
2024-06-11 -
2024-09-09
3 months crt.sh
sharethis.com
Amazon RSA 2048 M03
2024-04-19 -
2025-05-17
a year crt.sh
*.google-analytics.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
*.g.doubleclick.net
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2023-11-28 -
2024-12-28
a year crt.sh
upload.video.google.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
*.gstatic.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
*.google.de
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh

This page contains 4 frames:

Primary Page: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Frame ID: 521DF8E8CB1BBA340C0A3C905D81EBF4
Requests: 79 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Frame ID: CD5EEDC289149FBED06784D19B0A4512
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720068892&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F22121%2Fmalware%2Fjackpos-pos-malware.html&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_16~30_5~27_8~29_11&aiixl=28_4~30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aipaq=1&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720068892704&bpp=6&bdt=378&idt=223&shv=r20240702&mjsv=m202407010101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=3814891453239&frm=20&pv=2&ga_vid=74244860.1720068893&ga_sid=1720068893&ga_hid=1743090004&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95330413%2C95334510%2C95334527%2C95334572%2C95334579%2C31085041%2C95335246%2C31084184%2C31078663%2C31078668%2C31078670&oid=2&pvsid=69947513321324&tmod=1987095207&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: 467FD665FFC505D835F261B8309167B1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C6C8751440E8D82DC06BAC47C7107F4
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

JackPOS malware presented as a Java Update Scheduler

Page URL History Show full URLs

  1. http://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html' HTTP 307
    https://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html' HTTP 301
    https://securityaffairs.com/wordpress/22121/malware/jackpos-pos-malware.html' HTTP 301
    https://securityaffairs.com/22121/malware/jackpos-pos-malware.html' HTTP 301
    https://securityaffairs.com/22121/malware/jackpos-pos-malware.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

82
Requests

98 %
HTTPS

50 %
IPv6

12
Domains

17
Subdomains

16
IPs

4
Countries

2391 kB
Transfer

4814 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html' HTTP 307
    https://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html' HTTP 301
    https://securityaffairs.com/wordpress/22121/malware/jackpos-pos-malware.html' HTTP 301
    https://securityaffairs.com/22121/malware/jackpos-pos-malware.html' HTTP 301
    https://securityaffairs.com/22121/malware/jackpos-pos-malware.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

82 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request jackpos-pos-malware.html
securityaffairs.com/22121/malware/
Redirect Chain
  • http://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html'
  • https://securityaffairs.co/wordpress/22121/malware/jackpos-pos-malware.html'
  • https://securityaffairs.com/wordpress/22121/malware/jackpos-pos-malware.html'
  • https://securityaffairs.com/22121/malware/jackpos-pos-malware.html'
  • https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
359 KB
71 KB
Document
General
Full URL
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe07645b41b2815706663cfa6af89540bb72b039c66672d56604ccc1cc602ec1

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
89dc850b1bd51945-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 04 Jul 2024 04:54:52 GMT
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/" <https://securityaffairs.com/wp-json/wp/v2/posts/22121>; rel="alternate"; type="application/json" <https://securityaffairs.com/?p=22121>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTj%2BWpjgptyNr%2By2lmtKRppGDP%2B5OkRpnjFAHxtqXCa0M94lGnHU%2FL%2BtjTeks43IzMp3W8AqYZMGBSw3ua25C0QQdDBztcfItk5EI%2BhgCq%2FdnsHO4RNBC9NhrBitlOQ5YXffTQo4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Cookie

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
89dc8509fa951945-FRA
content-type
text/html; charset=UTF-8
date
Thu, 04 Jul 2024 04:54:51 GMT
location
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pbLZ8ymCvyowL43Sp6fTzlFKOpzl3216wL9jv%2BrxiS%2F7cFFQuCxyeyrYAeHevunktLO6BZ70woHx7xRgcmsxM%2F%2F3gaqrLTMf38lMu5lubUGLZxb1fsaDfv3zfq5ei5kEGw1RIVoT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Cookie
x-redirect-by
WordPress
style.css
securityaffairs.com/wp-includes/css/dist/block-library/
111 KB
15 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=125e3add578297a09fe8f74fcc707c8e
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2c8820097bc25fb47e7ae471e1624741ce4ccec3b187ddac947013d33c4974

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
165412
cf-polished
origSize=121639
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 03 Apr 2024 23:01:02 GMT
server
cloudflare
etag
W/"660ddfae-1db27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtozfrtUYIrKVMnuiyQiXhpimNNhp%2FXhlrkn3G6uxurK1gIBc7SxA%2BsGK595CF%2B%2Bc3824ahvzzuyfQ764DAFJtiw9nLSvZBvAvAmgUmO7U8ye%2F7iHTvEzMLoWS26NG0hLf%2BU1qwA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc8511297b1945-FRA
expires
Tue, 09 Jul 2024 06:58:00 GMT
mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/
11 KB
3 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
445523
etag
W/"5fd15e34-2bf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQ7BsxP9KXPN3im%2BEZzoyEn7dkFVd977MCAP0yTLPgPMjlrOQ3Djj1E%2B5o6TpIPWxx1DQUTJ58syBHhb86D%2BkCkWJauAS05tI%2BUAROCzOYV6GNp3f9qg2CJ1vfd%2BPUd8fX9dsnU2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc8511297d1945-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 01:09:29 GMT
wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/
4 KB
2 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=125e3add578297a09fe8f74fcc707c8e
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
165412
cf-polished
origSize=4960
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
server
cloudflare
etag
W/"5dcc9728-1360"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WfOzuc8m0L8VHd7kzoMspZFj07%2BnKczLywJugWdxu0VlNMCqSdPBF90l8rU1a6M8Wd03a0lxSpS7qgBYkpIKYBeEl7xT1c5GQZa51W4TV6t3dIYadK1k6lF4INhK6gqqhFlgLOFd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc851129801945-FRA
expires
Tue, 09 Jul 2024 06:58:00 GMT
styles.css
securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21730
cf-polished
origSize=2894
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 19 Jun 2024 22:21:35 GMT
server
cloudflare
etag
W/"667359ef-b4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FhjDizNYYsefGW7WUhP3GfxdKMfGTaQyr2fQbqga7rf3BMqsIW13fDTMBrQ3bPJWx6kDTVnKDrUoLSmWk2dzeUdFn9T5SPQHTg%2BPVhW9YfeuMs7gYk%2Bnhh69BOi9hJSy6OGeRrcf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc851129811945-FRA
expires
Wed, 10 Jul 2024 22:52:42 GMT
cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
357808
cf-polished
origSize=3106
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 25 May 2024 21:38:33 GMT
server
cloudflare
etag
W/"66525a59-c22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4H7M9Dcxr3P3rPr4F4GCER1Q31tGM%2Fd2wj1Nb3yNMxWzVcwPJxrESk2SD9pkLNKk%2FiEpzr73fx397gM6V2nC8bGsUUF6yYOJk7LeXPK5WgsgbTLk9QRKD6W411sbASy9l739%2FFg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc851129851945-FRA
expires
Sun, 07 Jul 2024 01:31:24 GMT
cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
359016
cf-polished
origSize=27249
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 25 May 2024 21:38:33 GMT
server
cloudflare
etag
W/"66525a59-6a71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TEHoMOwNcs4J%2BQqhQe1eMxsdYiuuc%2B%2FveK6R65P2stFRODs8CIoOwC5A0wtqegHxEXpu%2FtiywdBMqVT2XXkW%2Bkz3IA8cE%2BLOq%2Bc1i6WYguNb97ANwd8anvRMalY7Y3WqWlrTdcM%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc851129881945-FRA
expires
Sun, 07 Jul 2024 01:11:16 GMT
mu-style.css
securityaffairs.com/wp-content/plugins/sharethis-share-buttons/css/
0
514 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1714514717
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
99458
cf-polished
origSize=26
alt-svc
h3=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Tue, 30 Apr 2024 22:05:17 GMT
server
cloudflare
etag
"66316b1d-1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVVeabE2OlW6%2BvuaV4jTiQlDHIGb6iL33ll39zGld6npbiLHuFNilbpGtmluXgOUcunm3f2AHdXnxcn3RodvI%2FfD9is6eXAVxu%2F%2FuSjpzV4zJKWUt1oNkyIYOi%2BbWm9RX%2BKgsVh8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
89dc8511298b1945-FRA
expires
Wed, 10 Jul 2024 01:17:14 GMT
form-basic.css
securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/
2 KB
1009 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.9.13
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
528772
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 25 Apr 2024 21:33:14 GMT
server
cloudflare
etag
W/"662acc1a-654"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6WJR4Y3W%2FcP9l2cSp6a8PxBR75zAb2%2BVMUytY%2Fk5G5Vva%2BusiUmBoopczONO5sZoI4Oz5U3Jtrq52DP3ck1gLZfbsDGMjvQn9fyqKECnUyoKsuQ0EU4B8GmTwZRj2CkTdjhpQ3%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc8511298f1945-FRA
expires
Fri, 05 Jul 2024 02:02:00 GMT
bootstrap.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/
152 KB
27 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/bootstrap.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
458651
etag
W/"63ec8df4-260c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egd5cM4qTA8pVw7Bon7isq%2F5s6WmXMyogNECH%2FmRIxK7clAXDJjm7LRc7NWzfrTWoQzNDvZmKYX6QJPjlwRWMvA2JsIjUo3F7L4V3KZuP%2BQwClBCU11W8rOSNZh9G6s55oLZuyvQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc851129911945-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 05 Jul 2024 21:30:41 GMT
plugins.css
securityaffairs.com/wp-content/themes/security_affairs/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
444377
cf-polished
origSize=31000
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
server
cloudflare
etag
W/"63ec8df5-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FZBawbtB%2FiZgdWwiPfWvWkM%2FXIfcBMl5m9NtOJSBKeEq4veaCVH2dcc0d1f5hEPiNEvT5nyzfuW8%2FrcP%2B5KsWzcqJllK2XjPGvn%2BT%2FzapKTOW5%2FEml02AK0tfDAfx8NROhdtjpcR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc851129931945-FRA
expires
Sat, 06 Jul 2024 01:28:35 GMT
animation.css
securityaffairs.com/wp-content/themes/security_affairs/css/
44 KB
4 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/animation.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaade0e5f063f06ba9ec0303b6e2cf134e7e7ddedce6b51813880fe52bbb5de2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
444376
cf-polished
origSize=45516
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:47:00 GMT
server
cloudflare
etag
W/"63ec8df4-b1cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYrsdeeUwW0mLYShEeqV%2BwX0ozdIpvFxsZj5Y%2Bo3qeTv6%2FdNzhYsWQxASEChwVNER44%2FO4BKaQyZxadMbEnge1d4TbIuGw5vxHnLk3IIkUB8bQU2F7cuFLYvlVW9xqMCUvcj1Xge"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc851129941945-FRA
expires
Sat, 06 Jul 2024 01:28:35 GMT
select2.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/select2.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
444377
etag
W/"63ec8df5-3f88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHrmbAelwTQOjclKi8IMFmjzqV%2BSwV5YygrKs%2BdJFf6D42IB0HsTcrzZ5y%2F0A9LqXxSpoPwl4bLeGw%2BGAkg2cjogWSPAloA%2FcbWVcIIlaKboBX6WtlfXXNtTPXtNBudwAJ3MyX85"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc851129961945-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 01:28:35 GMT
bootstrap-datetimepicker.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/bootstrap-datetimepicker.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
357808
etag
W/"63ec8df5-13c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BgSawRepzC0cryAx3%2BrRZ7vOWqgcUaJ4673K6MEItPZjw%2B750n5x03cV0fr4S85yd3xCBPbMxlw77Grju4DI%2FNiW7SYnyIvfJDDkHKkTqM4iQknr4gPS3gW8wvu9WG56oemVoqm%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc8511299a1945-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 07 Jul 2024 01:31:24 GMT
style.css
securityaffairs.com/wp-content/themes/security_affairs/css/
62 KB
10 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac825c2e7eb874cfe862111097aa63158b575df11b0ea342814a5bc55f450b66

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
444377
cf-polished
origSize=63687
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Aug 2023 19:58:52 GMT
server
cloudflare
etag
W/"64dd2a7c-f8c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g6BV1gmsl2VnUX0bU7Yb12M2EdVcdlHWWuFAgu9KigKv7zQ5RPVPZECd2sBc2YJUPN58mQpAE6dFObhpq5qo%2FavH1WQQIQqb3HD%2B2RAnBZ7L9cjkQWogkiTTfBKn8DEX%2FeVSintR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc8511299d1945-FRA
expires
Sat, 06 Jul 2024 01:28:35 GMT
slick.css
securityaffairs.com/wp-content/themes/security_affairs/slick/
4 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/slick/slick.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21e3d4b193d36cbfab4d9cb007c5f531c86b7c3d5fbadc0ea2a20296330d536

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
444377
cf-polished
origSize=4922
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:45:55 GMT
server
cloudflare
etag
W/"63ec8db3-133a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5uSAsRyu95cqrJPRHd%2B%2FbtQOPDP4pR1%2Bv1nj0g43HsLQ1riW%2BbKIIL7K4dHjdirFszK976RNCM%2BdjG0Sya28rnOXdm1FvHgyDtgQDV0fFflYXjVFPOrkPHr9SX9OwkZTK5bdbeEf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89dc8511299f1945-FRA
expires
Sat, 06 Jul 2024 01:28:35 GMT
jquery.js
securityaffairs.com/wp-includes/js/jquery/
138 KB
41 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.7.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
508a8d88a4db7b5ef87b1d5b6fc60e56b7c5384b75b75b10e77f298ea108b510

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15565
cf-polished
origSize=285334
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Nov 2023 22:53:12 GMT
server
cloudflare
etag
W/"654c1158-45a96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cjt4p3L38z4ETskP4NJW62aSuz7JUGJ3PQ439RALQECaeSko%2F%2FjnKg2H9CPLsqL6bDSmVWyNtuSDwMtDgzSmdnGmnyM6oAIeWvuf%2BT5miPxmAo5zi94ZvlVHEbkvpJ%2FgJMhxBv4N"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc851129a01945-FRA
expires
Thu, 11 Jul 2024 00:35:27 GMT
jquery-migrate.js
securityaffairs.com/wp-includes/js/jquery/
19 KB
6 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15565
cf-polished
origSize=31978
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-7cea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yANEsMO7zF9gpVf5ndaGjbGRES8uBfWxzb6OqnjMjd4pABm6tarSU9po%2FfH%2BHOQGF60ys%2BZjOm0BhwrGKK1FAuVVzn%2BFZqRoaQwfIWEyWxCvfHoVr3ZF2Qf7%2BnQFY%2Fxihhqoiu5e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc851129a41945-FRA
expires
Thu, 11 Jul 2024 00:35:27 GMT
cookie-law-info-public.js
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/
27 KB
7 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17edd30c836139dca04b425da3f51410bd1697ab74e0a77b75c028a3f180aaae

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
359016
cf-polished
origSize=34185
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 25 May 2024 21:38:33 GMT
server
cloudflare
etag
W/"66525a59-8589"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Im%2BDa6spqVYGfrIOpt4FPFzcJ7914wVedjg5wQFGBfv36AVKXMf9dcE2P7lBaETbN4IXNu5Ydzj8Ua7jQGIDFdvOuwdhSyB3uwHZQ6tfdHf%2FUKtFX4Cr%2Fb89QN6raBv17QE7rMQP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc851129a71945-FRA
expires
Sun, 07 Jul 2024 01:11:16 GMT
sharethis.js
platform-api.sharethis.com/js/
206 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=2.3.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-14.fra60.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:51:51 GMT
content-encoding
gzip
via
1.1 56df5811b9d89103539b9b0b5fd9b262.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P7
age
183
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
YsABECNrYu_CWr7wTAB9KFWeDXs8HOPSoSg6DrYxVuGGpw_AzPz13A==
sharethis.js
platform-api.sharethis.com/js/
206 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-14.fra60.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:53:24 GMT
content-encoding
gzip
via
1.1 56df5811b9d89103539b9b0b5fd9b262.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P7
age
92
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
wQUPqX58TO07h36m99DOUsnBCvqwY60WA25mh8X0aCw2bAII5uPQpw==
js
www.googletagmanager.com/gtag/
235 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c8a926c5629b8d3381939f473669740f47aff0b05c870f17e65de2b4d5e3942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86657
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jul 2024 04:54:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
160 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
d14ac78c42a86d12c55c05dc6caff32f8575b8dd76504d79a6b4dec4d4530eee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52856
x-xss-protection
0
server
cafe
etag
1522006442237718065
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 04 Jul 2024 04:54:52 GMT
js
www.googletagmanager.com/gtag/
301 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc78f3f58a3d733bca062d304e4c68194331664d9d1b20b46f15adcd7b0fb356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102654
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jul 2024 04:54:52 GMT
menu-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
467 B
845 B
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/menu-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ef2c493105913ae8a012433b49e73fec9f4e3dfaf70723bcf66c3e3e0e09e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8921863
etag
W/"63ec8dd3-1d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m87rGTwATbp%2B2UxRQ44GiUhojEi9ysgPXUjxm5vBeGle7vc7ECAPnHQOG5XMuOrXUJPj6RAyOwx5bBqJ8mgTLxKrcYTwSkLZ1Pn%2BPuSXJ4EJcw1TY%2Bswaw%2FDOqikXxbZykMQSEGg"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
89dc851129a81945-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
securityaffairs.com/wp-content/uploads/2023/08/
5 KB
5 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/08/logo.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e18fa3a179268df5763ae93f237dfa9ab4733b4e2791fe3cfeecca702a8832

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8921863
alt-svc
h3=":443"; ma=86400
content-length
4751
last-modified
Sun, 27 Aug 2023 14:33:01 GMT
server
cloudflare
etag
"64eb5e9d-128f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZW0BMIkWIXaxPTa9PcZmpMC3%2BSsuSMponBPnoX%2BvY3ffRblrdi%2FYkH%2FRo%2F7zubS%2BQJrosHODxmRQbIM703cmA57xfwXvfC8d%2Fveuk0Fr5t44vJNx5A%2BAe26BRUCph8pFuNXUwJp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
89dc851129ab1945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
0801297e-52a3-4525-9d2b-a52706dd1f02
https://securityaffairs.com/
5 KB
0
Other
General
Full URL
blob:https://securityaffairs.com/0801297e-52a3-4525-9d2b-a52706dd1f02
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96379eb4b6430c032586b48e70b2b5f6e8c0a346f3efd89ad20aca93ca09d11

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
4729
Content-Type
text/javascript
resecurity_banner_header_mobile.png
securityaffairs.com/wp-content/themes/security_affairs/images/
153 KB
153 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/resecurity_banner_header_mobile.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24c96170c8307f6a1f4eff1fd0d355a91ebd6d208b809298dd2a75b238371390

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4125946
alt-svc
h3=":443"; ma=86400
content-length
156524
last-modified
Thu, 16 May 2024 23:19:33 GMT
server
cloudflare
etag
"66469485-2636c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MXJ5yqQpxS6BnP6oFrBeMUeXolsNcK5zEa1RhCX9boPD9gVB4QThKH7ONsVLznGOATgzMyJdnxAeuDlc6MAmN8%2B73oFoLVECuB4feLMUrseeCkgysSFKkv49iIBhFbpWFhD3pvWF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
89dc8511ba591945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
user-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
987 B
1 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/user-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0352c858984ddb68c11c0b8265ea2ae72ab8d29b4471f888d4cbd95fe881ef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8936266
etag
W/"63ec8dd5-3db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C8ENGI1CGdlHi%2F5pCfEdYD0Ox42%2FxIjCPrY1dhJ3v050uZnlkNeoUYI0llcICiWctrvDkp3UzFk3jPRHlREDRNB6ehfSwNqOieDjyV8fDHekIT9o%2FbUOuKDHLI8Xqk69l5OUKiEp"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
89dc8511ba5a1945-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
clock-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
947 B
1 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/clock-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b5d4f52ec96a0aef85f731e618cb627749775534ae86976446f42350757392

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8929812
etag
W/"63ec8dd5-3b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5wWCeljC56wko8A4KysGGmiG3ZP56xiPbqJYTeMBlKcEu3xvfGM4pOvJCXcgvxkzTjsJmTFcGW4FGmhbFvHpttheeUnpyrHHn0y3gwOvJBtzUL2dFb49sYfSKstcfK6fzkjkaC%2B3"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
89dc85127b0f1945-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
POS-malware-map.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/
34 KB
35 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/POS-malware-map.jpg?fit=1008%2C648&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
3024d568a2e131b54d080a4c7761e15b2a7cc57de2f8aed08927736fe5326f48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
34972
x-nc
MISS ams 3
last-modified
Thu, 04 Jul 2024 04:54:52 GMT
server
nginx
etag
"293493a9a7d73e8b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2014/02/POS-malware-map.jpg>; rel="canonical"
expires
Sat, 04 Jul 2026 16:54:52 GMT
jackpos_1.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/
19 KB
19 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos_1.png?resize=470%2C179
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
c37f0638aea7427161e04791736d419b581672d91342c43f74fed6caaf93fc23
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
19232
x-nc
MISS ams 1
last-modified
Thu, 04 Jul 2024 04:54:52 GMT
server
nginx
etag
"73a9717f3da74642"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos_1.png>; rel="canonical"
expires
Sat, 04 Jul 2026 16:54:52 GMT
jackpos-2.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/
37 KB
38 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos-2.png?resize=476%2C293
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
72133d32df2afc6b9627d461268f0b37980034d4ab0a575912b80bcca5e6c609
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:53 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
38272
x-nc
MISS ams 2
last-modified
Thu, 04 Jul 2024 04:54:53 GMT
server
nginx
etag
"8f722a849c617c6f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://securityaffairs.co/wordpress/wp-content/uploads/2014/02/jackpos-2.png>; rel="canonical"
expires
Sat, 04 Jul 2026 16:54:53 GMT
jackpos-3.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/
10 KB
10 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/jackpos-3.png?w=703&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
db2175fffb1a59f6b07a5b10c728a0d7cdbe90e33794678d0d958d4da934578b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
9932
x-nc
MISS ams 7
last-modified
Thu, 04 Jul 2024 04:54:52 GMT
server
nginx
etag
"6fbc18cbeb750b6a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2014/02/jackpos-3.png>; rel="canonical"
expires
Sat, 04 Jul 2026 16:54:52 GMT
europol-terrorism-data-leak.jpg
securityaffairs.com/wp-content/uploads/2016/11/
52 KB
53 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2016/11/europol-terrorism-data-leak.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db8d4f231a9a3ae516d0c2075d044e5df5e3aad331536b23bb8d2b9503269e0f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2329750
alt-svc
h3=":443"; ma=86400
content-length
53366
last-modified
Wed, 30 Nov 2016 15:11:21 GMT
server
cloudflare
etag
"583eec19-d076"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0ejkbIfAggzUwrhLn9KdP72i18t5ljrNkiko6eGTW6LQrjTrxW8heuUKWE3iqykPtN0FC9LJCnGDsmbbmMfrcysvbuayCMl0Xgwk0C8ObnvW4BUM%2F2r8uRMkwXsbWN7Hy3bU37K"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
89dc85127b101945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
image-1.png
securityaffairs.com/wp-content/uploads/2024/07/
438 KB
439 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2024/07/image-1.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d68ea3f23e64014415c5d84543b69d8178e7dcb68ccc686e384f84965c125bb8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51818
alt-svc
h3=":443"; ma=86400
content-length
448682
last-modified
Wed, 03 Jul 2024 14:22:43 GMT
server
cloudflare
etag
"66855eb3-6d8aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2FSpuEdi9wU2BnnUC7s49IhLdQw32P1Ixy1%2BY2MhXmM1UDMMiXhArouvk1GcTZu%2BGtdf3DmD4naihVddFqrzHtWX9VTH7C3eVadbVGrPUuhUVjL1lEmeXcLFe1Oab7OuKhOLkecy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
89dc85127b111945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ransomware.jpg
securityaffairs.com/wp-content/uploads/2019/06/
175 KB
176 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2019/06/ransomware.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6828f1bdae5c7b89d801df314049a2d65159a4284ee530e5c848a153eadf8c87

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182603
alt-svc
h3=":443"; ma=86400
content-length
179376
last-modified
Wed, 26 Jun 2019 13:32:34 GMT
server
cloudflare
etag
"5d1373f2-2bcb0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j7CDtJRRlbxRUVWSu5OzN2rnTAAU2pJRVqP7D%2FWewZNNev0xetlmiJGKMAngwQtmFQDV3Vmg2NNe%2FLWVSsLbtLYkwM8NjpNz%2F3doYTHGi9RV%2Fhr4Ke3iM47dA75sHAHLnBqJlgVb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
89dc85127b121945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Consular-Department-of-the-Embassy-of-the-Russian-Federation.jpg
securityaffairs.com/wp-content/uploads/2016/12/
92 KB
92 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2016/12/Consular-Department-of-the-Embassy-of-the-Russian-Federation.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c74a3d594ad23aea83d2e896e0bfad0b527dfbdbb0c222dc52a481df3ec85c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4752906
alt-svc
h3=":443"; ma=86400
content-length
93967
last-modified
Tue, 13 Dec 2016 10:50:54 GMT
server
cloudflare
etag
"584fd28e-16f0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2BX93LNVyAhKMb4KLk%2BlObSXRy6zHEWLdn9unjaWD83apAGpeUcYiHoWnIs0TQ3pGtriERXDDcl8WTA05ZefXU3I9n4WD9JI9tOLzQnh2hOc6lO2TSTWSYZ5weOK9skMgHiJd2Cs"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
89dc85127b131945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
data-breach.jpg
securityaffairs.com/wp-content/uploads/2012/04/
40 KB
41 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2012/04/data-breach.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4211996b332a51e7f10984639094f316ab4b10b83794635e8822a654133c0f21

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182594
alt-svc
h3=":443"; ma=86400
content-length
41233
last-modified
Wed, 16 Dec 2015 07:09:26 GMT
server
cloudflare
etag
"56710e26-a111"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJiT68%2BqMNLkO05vk%2BOk8dfBMFdvkyxwLX%2BdBpP9Rl1QT52baFJ5PhglAYb37Zyck2qmrUAXkD8bYC7nsZDziZdglVohHn%2BiOELhNrZNlSPneaLjEefbqG28pirjRz31rM4Ays1e"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
89dc85127b141945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Resecurity-Banner.jpg
securityaffairs.com/wp-content/uploads/2024/03/
235 KB
235 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2024/03/Resecurity-Banner.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f8e33084e855d45ffd07d52954f7cca447bc010a4bef3ec3b32a7e95de0543c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8935452
alt-svc
h3=":443"; ma=86400
content-length
240152
last-modified
Mon, 18 Mar 2024 13:38:31 GMT
server
cloudflare
etag
"65f843d7-3aa18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ShwuZCaoxoXuayq8z9%2F7FBRXCd7DfkSDV2eYKkoO7PCXI3JRjwsRkeLiF%2FScGXb3MMdu9zUCYok0HivlmnQUfxeyzSC0he5GnSklEB3m2MqwcSJnRysd%2BhqDG6cFfk61MHqOyzV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
89dc85127b151945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-logo.png
securityaffairs.com/wp-content/uploads/2023/08/
4 KB
4 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/08/footer-logo.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b253964206a6ce075557f8735e7b57268338885e821f317bc63c6616e75c7b60

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8935452
alt-svc
h3=":443"; ma=86400
content-length
3916
last-modified
Sun, 27 Aug 2023 14:33:08 GMT
server
cloudflare
etag
"64eb5ea4-f4c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LF6rWNVTZyhpG%2BhdQNka%2FvRMmWi2x%2FCeY3dSEPxynFZDiybUlGLxa9vqfZ0fKjY8baPykQzo5U7Jq8hQ8Xe8j7%2BNftFlp9IYnPOYHIYidOt%2FITSjZpdeCt3tLpdvdMUX1VtpbOkv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
89dc85127b181945-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Jun 2024 11:26:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"667e9dca-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DcPDhRz8%2BzUr4qMMXVoWSxUL8NhOV64rBfCeRLxNEZHUgeadTNvfb8m9tQ%2B1gTexK8r6m5LXRoUiIXgTdqIdPVa2Dg%2FB%2FNcRG4ZQNneZA8BQeTlQrD%2BVbVIt46pJy1xYZz7u6rZ3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
89dc85121a9f1945-FRA
expires
Sat, 06 Jul 2024 04:54:52 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/
11 KB
4 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21730
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 19 Jun 2024 22:21:35 GMT
server
cloudflare
etag
W/"667359ef-2cf9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKb6B9O1M2HHK%2B5ODIhO5jXor6FsY2a0CtHd8xBSPLWWFsOOcMCboyxlJAY7TxvvDE9li3zWvvzEQ%2FzYWy%2BcOk%2FthXi0Vws8ml5mIaaXAc7RSnzU0kF3of3K4912P%2FWt%2B4EIJtIJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85121aa21945-FRA
expires
Wed, 10 Jul 2024 22:52:42 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/
13 KB
5 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21730
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 19 Jun 2024 22:21:35 GMT
server
cloudflare
etag
W/"667359ef-32fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SOchKeVFohmJvenU1qLA%2Ba8RtR4RbeYKOrDzd2woeDKRtK%2BwPvSuXeeIus2BGj4E8K0fXIpNGnlRC2ySXYLluoWLOFIyCNfDuwbSCrkGd6RIyWAicEXfbM0MJOtCK4%2BpyasqPfQK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85123ac21945-FRA
expires
Wed, 10 Jul 2024 22:52:42 GMT
ssba.js
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/
2 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1686486772
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
201724
cf-polished
origSize=3110
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 11 Jun 2023 12:32:52 GMT
server
cloudflare
etag
W/"6485bef4-c26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uou59sscKBKr7zT9wsol4%2FvYQf5KTj4KeQxRP2AKXXqFF%2FjOEDJ2D8c1xU1clG9dwM6w2qaRuvtn1p170H%2BNcarz8yUMT2Pqh2vnr0ML5ah%2FuqtsPkquF6Pwzicsi09WbhRDj%2BN5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85124acd1945-FRA
expires
Mon, 08 Jul 2024 20:52:48 GMT
jquery-3.5.1.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
87 KB
34 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/jquery-3.5.1.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
63088
etag
W/"63ec8dba-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eA89ogiOt1PaMC9GaKwhSjOuwV0mbdnwa3a3HvTRayZdzLTdN3NuKc5e4ShN9Igc%2FoqafVGQU38gduAY4gUTO7hstjogK484sup2PE4kEtG2VPZgxR73JUHxK3SxGZlYNqmA6H54"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85127afa1945-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 10 Jul 2024 11:23:24 GMT
bootstrap.bundle.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
77 KB
25 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/bootstrap.bundle.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
437855
etag
W/"63ec8db9-13397"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q8WkOEixJJhzLk9DvTfdi%2BEYC%2FZoBLDtqvvEJhR0t%2FLNVag0Wy0SMA4SPgTnGFm14gdv1nb9RD2g0R%2Fg9dauEKDzc8MprR3xW3P%2Fj3usPGcX3qehHfzQOAHOR0CJOD7LVNp8kGpq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85127afe1945-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 03:17:17 GMT
animation.js
securityaffairs.com/wp-content/themes/security_affairs/js/
3 KB
2 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/animation.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c03404e75c3b5dd3190080d5b678433a88aed86b17fba7685f8a36950414fb8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
449608
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
server
cloudflare
etag
W/"63ec8dba-b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRs%2BySlb5G5qhA9cOybVfKWyDKTygTdxOA7REG8nDqkKQNO%2Bh0CxUt3%2BwAfCmggowWdcBCi5CpfcaWg4%2B25A2jNfrFYlwFU%2FgfWatv5VQm8dYVmECMEnZlavAIw5Pn%2FfF8Y8rwYN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85127b011945-FRA
expires
Sat, 06 Jul 2024 00:01:24 GMT
slick.min.js
securityaffairs.com/wp-content/themes/security_affairs/slick/
42 KB
12 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/slick/slick.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:45:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
449608
etag
W/"63ec8db3-a76f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqGKyE7bL%2Fd%2BaYiJfXIIbvQ5XkMTmVZWBd9SByMN245PANsgz0QSSus%2FoIvI82tiVbp%2FuwzeAJDGeVDW2NCuMKNsklCv%2BU3UHiG%2BD4WwV1PQ5LMEslozVpUU%2FdGxlFlBZ9KE79bV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85127b031945-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 00:01:24 GMT
select2.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
71 KB
23 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/select2.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
548289
etag
W/"63ec8db9-11dcb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PWQ4L2JoIMssTqfxzeNlzRIMlrqtvIhHZ83I0yLknMIW%2F7MFXTlFem0SHJ5NvAliX4AM1WMtH%2FWdoQo69L63wu4n3ugZFkGIUFUaUMVgnKNzgXdpIbqABCw5IMuwDdOy9kCvoMk2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85127b071945-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 04 Jul 2024 20:36:43 GMT
moment.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
33 KB
13 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/moment.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
436994
etag
W/"63ec8dba-857b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQi2mCHXMLSZ0ym6arhXiiAiTfRTDtcF8BK1q8e7XIlyVCOC103ZSNoFG51OAHEhfD1i%2FvgReEvF5XHPsWQnh2CTWdojYV7G4EPkust5SNlestzxi122JzqS020g8RUDN1WJGZfY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85127b081945-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 03:31:38 GMT
bootstrap-datetimepicker.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
23 KB
7 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/bootstrap-datetimepicker.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
431518
etag
W/"63ec8dba-5a28"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLD5Mcy7MT6Rxpczr7ftUJJS1KSMixpObRNTUYsrv9D3ALy%2B68KZMa4M25SdsTypYEQZs80IVg4GmpneaRNtNccNPO464A26vRzFVDFxp4tyN%2FiUpsDg7zSokxJEEaNDpq66YXsQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85127b0a1945-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 05:02:54 GMT
script-datepicker.js
securityaffairs.com/wp-content/themes/security_affairs/js/
236 B
653 B
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/script-datepicker.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e1de7132433ebaa0845af00ce1812287ba004d8288bf78b455f1d9f494f2ab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
436994
cf-polished
origSize=552
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
server
cloudflare
etag
W/"63ec8dba-228"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V4P53I7fetHlMPwAGoZr0pv%2BMgCssxo8esjBYMbMJNCwjYExBqFoXPtPywKuedLPsrRBato5PjKrad8%2BOhv1U8mkmjBUDy6h6FDpWLF59jtkBZsrs5YpwsmeFr8VBt%2BMRdZAM8TF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85127b0b1945-FRA
expires
Sat, 06 Jul 2024 03:31:38 GMT
script.js
securityaffairs.com/wp-content/themes/security_affairs/js/
4 KB
2 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/script.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a65e356551523b3a3222147ddb49ea4dad9b21d38a9b590effd45d55fc94d03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
449608
cf-polished
origSize=6278
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
server
cloudflare
etag
W/"63ec8db9-1886"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GR25Pg1R65b49dNT0B%2B8rbkMiVR9rqsRsOMlxbN3DXaVHrrVjSxRKqmC%2Bhp0018mgOQ6MlM3EUZSWP17IDP7BeCuCMV2d6z4gGY4QrvsjZsUgJExTwp%2BcA9gTSVmHoq%2FQ%2F8o9146"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85127b0e1945-FRA
expires
Sat, 06 Jul 2024 00:01:24 GMT
e-202427.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202427.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-minify-cache
hit
x-nc
HIT ams
date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14421-1717166113627.1218
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Sun, 29 Jun 2025 22:10:19 GMT
css2
fonts.googleapis.com/
34 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e98bf7b4b2c361aa2de0e8616c355c67d8deabf96c1dc60a1f88af516e87e7a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 04:45:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jul 2024 04:54:52 GMT
65f850d4db40be00131d1c63.js
buttons-config.sharethis.com/js/
927 B
1 KB
Script
General
Full URL
https://buttons-config.sharethis.com/js/65f850d4db40be00131d1c63.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16c238246f72d6664babdd6dd27bc30813fb13fb633881a14a3f44445f6a2b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
927
last-modified
Mon, 18 Mar 2024 14:33:59 GMT
server
AmazonS3
etag
"9e18acbb6d773fab62392bf31b15ea82"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
x-amz-cf-id
458dtG6IjdanQqLSX5qkqToQ2_A_XffJD56amPXfO89fAn1aDSCZYA==
pview
l.sharethis.com/
0
406 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F22121%2Fmalware%2Fjackpos-pos-malware.html&product=unknown&url=https%3A%2F%2Fsecurityaffairs.com%2F22121%2Fmalware%2Fjackpos-pos-malware.html&source=sharethis-share-buttons-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=JackPOS%20malware%20presented%20as%20a%20Java%20Update%20Scheduler&cms=unknown&publisher=65f850d4db40be00131d1c63&sop=true&version=st_sop.js&lang=en&description=JackPOS%20was%20detected%20by%20security%20experts%20at%20IntelCrawler%20firm%20several%20days%20ago%20and%20it%20seemed%20based%20on%20code%20from%20%22Alina%22.%20Attacks%20on%20POS%20are%20on%20the%20rise.&ua=%22Google%20Chrome%22%3Bv%3D%22126%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22126%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%20%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22&ua_platform_version=10.0.0&uuid=7e1a9e3e-9d64-4a04-b5b7-aa375f0599b7
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.3.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.40.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-40-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 04:54:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
search-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
940 B
1 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/search-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df70b268a34a8036eca2f536d670f59e142b877bf09ad993aec61417c7a4870

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8929812
etag
W/"63ec8dd0-3ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLaewoYukKA8usM9JSil%2Bziod0l343IzK%2BnmXk%2BmeCqt%2BczUeWzB7a8IEMW1qpsvamxt1jhks%2Bf6VAwBhbpvFfmANhKKpXFmI5DPg5zYJqQvlyN14zeJ2qECJnhfumU9H7lllADB"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
89dc85128b1c1945-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
b-arrow.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
903 B
1 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/b-arrow.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732fe1ff87d948c44d6d26af7aa89d8e1eb9eb8e00c372dadbacb51c0ba5865d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8935452
etag
W/"63ec8dd8-387"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IAweGCaOM0v302etvhRE1akPoShNukOjcT4cY34xhUp4ziN7kZv9EQWm05urWi2ibSwxzH604bsQcjuLBKk6V%2F%2BHfzR7Nu9v%2Fa9vVZwZ6Z2Ao4kjzq2xMomesySmiA8gYHvi3Usr"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
89dc85129b2f1945-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 09:37:33 GMT
x-content-type-options
nosniff
age
587839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 09:37:33 GMT
fontawesome-webfont.woff2
securityaffairs.com/wp-content/themes/security_affairs/fonts/
75 KB
76 KB
Font
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Origin
https://securityaffairs.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3677
etag
"63ec8de8-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3SazInqx6dYpl1Te%2B984BYho%2Fyja5XJ8lhs2V9Cm8qVPYS8ZQoEEmbn%2BRIJtWqni6sPiGoy%2FYwg%2FfJoZQK0iV7GxZ7uRpA8atn5tKV9d2hvs0gVEF43Ma8r7elzbQRA%2F0jE9TrAG"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dc85132bb01945-FRA
alt-svc
h3=":443"; ma=86400
content-length
77160
jackpos-4.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/
26 KB
26 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/jackpos-4.png?w=708&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
e5a60c03a7ac0033874b06898e7d33e5baa504587739cab70acbed545d69c1f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
26432
x-nc
MISS ams 3
last-modified
Thu, 04 Jul 2024 04:54:52 GMT
server
nginx
etag
"7a2b539fa921f2c1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2014/02/jackpos-4.png>; rel="canonical"
expires
Sat, 04 Jul 2026 16:54:52 GMT
jackpos-5.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/
25 KB
26 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2014/02/jackpos-5.png?w=708&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
b34b10bbc97d3457a9e8c59779850e01d45160be2c72ac4e5f7bdb0eb3635cef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
25826
x-nc
MISS ams 3
last-modified
Thu, 04 Jul 2024 04:54:52 GMT
server
nginx
etag
"ef87970a18d2112e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2014/02/jackpos-5.png>; rel="canonical"
expires
Sat, 04 Jul 2026 16:54:52 GMT
g.gif
pixel.wp.com/
50 B
178 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=22121&tz=0&srv=securityaffairs.com&j=1%3A13.6&host=securityaffairs.com&ref=&fcp=0&rand=0.06653644181581075
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 04 Jul 2024 04:54:52 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
twemoji.js
securityaffairs.com/wp-includes/js/
17 KB
5 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/twemoji.js?ver=125e3add578297a09fe8f74fcc707c8e
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ade52260ad86871776c42acac58a2d5ba4c184dc7f54139d6a34af11343ca23

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
164932
cf-polished
origSize=32934
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 03 Apr 2024 23:01:03 GMT
server
cloudflare
etag
W/"660ddfaf-80a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C6lEQDUXxpITOpbwVWxI6gKAjd2Gcrkt4YnVUjcrI3rmyDu1IMLnanMWO8BvmsWtYferUaSIW5pE5Crg47A9XObG%2BRk9qtdTD4gsObjSthWvWKa%2Faw5GGPoGni3K93gKZ8aXMUvy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85135be91945-FRA
expires
Tue, 09 Jul 2024 07:06:00 GMT
wp-emoji.js
securityaffairs.com/wp-includes/js/
4 KB
2 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=125e3add578297a09fe8f74fcc707c8e
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
164932
cf-polished
origSize=8969
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-2309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HMpoX3j0NMiHbQAh3%2F%2BkBRvzWQ49L%2FTtrzccS5okhJBLJ1NeSaJY1PnQS0LxeHJsSFJAdyd9P4%2FbYM5lEBpgVhGhVyAKKaEpFiCLz9UuxoSIXWuF%2Bey%2F%2B%2FP%2FlrDhXuZhwP%2B4nvw%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
89dc85135beb1945-FRA
expires
Tue, 09 Jul 2024 07:06:00 GMT
schema
securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/feedback/
332 B
842 B
Fetch
General
Full URL
https://securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/feedback/schema
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c44daa862528acfe0ba63fd3b5607dd12b146c172e556724efa0b8a9c1d7ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, */*;q=0.1
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-edge-cache
cache,platform=wordpress
date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding, Cookie, Origin
allow
GET
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R8KGp4XgFwpp%2BltNL6QZguxw1KRDHvWk2i0hSy59iMJKMO%2FL4680whbDjL%2ByBfultoYVPWS%2BXx1gLZgAZM3mIUA0o9HK47Fh61IsmvFoG0rgF1qA%2Fmlu1YdYucYYHfo4aU036ZGw"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
89dc85135bed1945-FRA
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/
424 KB
143 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&aplac=true&bust=31085041
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a87125767e2fb5fc6faf71ff13e29600825d4ca4b3febf1925e33e4f7b930527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146551
x-xss-protection
0
server
cafe
etag
11776090677893795755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 04 Jul 2024 04:54:52 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8ZWTX5HC4Z&gtm=45je4730v893534898za200&_p=1720068892544&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&gdid=dZTNiMT&cid=74244860.1720068893&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720068892&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F22121%2Fmalware%2Fjackpos-pos-malware.html&dt=JackPOS%20malware%20presented%20as%20a%20Java%20Update%20Scheduler&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1977&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 04:54:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NPN4VEKBTY&gtm=45je4730v9100359598za200&_p=1720068892544&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&gdid=dZTNiMT&cid=74244860.1720068893&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720068892&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F22121%2Fmalware%2Fjackpos-pos-malware.html&dt=JackPOS%20malware%20presented%20as%20a%20Java%20Update%20Scheduler&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1990&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 04:54:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
248 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPN4VEKBTY&cid=74244860.1720068893&gtm=45je4730v9100359598za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 04:54:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPN4VEKBTY&cid=74244860.1720068893&gtm=45je4730v9100359598za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=671114878
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 04:54:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/ Frame CD5E
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&aplac=true&bust=31085041
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
8458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 02:33:54 GMT
etag
2738592464165616
expires
Thu, 18 Jul 2024 02:33:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 04:54:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 467F
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720068892&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F22121%2Fmalware%2Fjackpos-pos-malware.html&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_16~30_5~27_8~29_11&aiixl=28_4~30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aipaq=1&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720068892704&bpp=6&bdt=378&idt=223&shv=r20240702&mjsv=m202407010101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=3814891453239&frm=20&pv=2&ga_vid=74244860.1720068893&ga_sid=1720068893&ga_hid=1743090004&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95330413%2C95334510%2C95334527%2C95334572%2C95334579%2C31085041%2C95335246%2C31084184%2C31078663%2C31078668%2C31078670&oid=2&pvsid=69947513321324&tmod=1987095207&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=243
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&aplac=true&bust=31085041
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 04:54:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
refill
securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/
2 B
653 B
Fetch
General
Full URL
https://securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/refill
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, */*;q=0.1
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-edge-cache
cache,platform=wordpress
date
Thu, 04 Jul 2024 04:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding, Cookie, Origin
allow
GET
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=taugaA53MXZaqQYJ0lTUFCMr0L1lXKmUm6Gizsv8%2B5r%2FezrunylIbTHHrv7pRx0YEROuLty5754SaiVVAy22g2nPFgrGv%2F%2Ft5%2FHFq%2FtUzREwi320ZX%2F5fmMPElMpngPNaJonhhfo"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
89dc85158e011945-FRA
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240702&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&aplac=true&bust=31085041
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
5a94c4181439947bda922cad1137533b0278371cd6e5b7b0bbe93e1140ddca04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12685
x-xss-protection
0
favicon.ico
securityaffairs.com/wp-content/themes/security_affairs/images/
333 KB
65 KB
Other
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
518c1b8ab40e50497d0ae29d5f42e968523bee5be0c6e990f140cb0a3de5b34d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/22121/malware/jackpos-pos-malware.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-edge-cache
cache,platform=wordpress
date
Thu, 04 Jul 2024 04:54:54 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cK5KZ73DgnHUKSwTeUV%2FPApynXtowXfnsJEkg9WLtzqq6hJQ1dNRBhSPzn2S6lbYb0ueSqkl%2Fw0N6II7JF9FaprUt2wJFKXeb8vgxONi7uLcKFsmxS054BOt1WOgSXtfW4%2FlOQfq"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
cf-ray
89dc85159e151945-FRA
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&aplac=true&bust=31085041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://securityaffairs.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 04 Jul 2024 04:54:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C6C
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
142827
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jul 2024 13:14:26 GMT
expires
Wed, 02 Jul 2025 13:14:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240702&jk=69947513321324&bg=!U1ClUB_NAAZ5zPvEWcw7ADQBe5WfOJyj4eCTMfwVRXzbrlpcfnQyTDy0OihGJs175v7YTTSDhhpDNrlEN29hrF1204wdAgAAACZSAAAAAmgBB34ANWvYGmRwbyXZTz9NYh5roxEvS4u7IX4vStEgEqNK1vSBCRnGIYj_j_SRnfpRbOG5j_NMieYMCgAHixFkjDb7GJkCqfImAjW7Q0TgV5vIVm6aKxPZsIJPl1Z8NFZvneN1bfELyo-jWkJMl2G8cUHmrPjopV2TyCLhyIs7w6eDZsMM3zlrTPuJ_xZ5l5dzvZeUn-_U5USY9bmaCKRJwycE08nL3j1kY6zt5SQR6YxMpkCpOQj0VbNlDlGTMUAvLOsOYeK1A9Jv0-2qGHigwqxMCkjRn8PlQ3UjeYoaO1dr2MDx7X2gOl61Vx-zg0h3zZNyhchNfKdf7TBoaDmrND2PScmb9x0MGThv0yfKE4Ggw-2RHncAE_U6V0LG55e-ctX8KFkxeke4QZc8yZYxHquDQsm94al861VH6X-cpl0RRi1FwXHP_nMaP1c14G46W68U6qN0bD0DFqXa7jwME5pg_wPr0NA5grBfPHVOLQ0N4dlOkSgem03THfNiIjQSd47mYNDANu_j6GmAxjGZmn7a8-LFMGUXQb4u-KguPHPjKnDqiMSjBTnk3X2jsGcIEqG7q0TXUjsJqCGmGOdxf8sVLeQ1l0VBNLZcUW5_q7d5XEBF0OHXe_wPtPEIz44JaoE6Qyk4tWUJiBPQdW8zRRqexff5n7wvi40XC9vcfQ65Zd2NAmjlM5TWblixfSdYakxhYvRW0qknYwATNkvfnj-SAde9uCKOgszW0o3W6L83C3kDj0rHVdkTMNsPlEkdCGfk7lRrv6MnkAyq4L3htEzXyQ9hOUrdeM4aLNG7MyeN1YCuHZX-aIczrCr6jTSrW2iUDzoEikHc8z9EBw4OpkKneyJMP8VK-qaTwdBiOI6hjO39ErKAzycZsnyA4zpkbS3r5PlGaVyz8B8wifX8hMCWmD959EpKcypj5m3MRrVUBuZyAOzT2xc6VbdRvVgDK0hHS1YG_0kru72HSQAUDA-m6QIl3PL6jj5_tbqpxg

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue function| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERENCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields function| gtag object| dataLayer object| swv object| wpcf7 object| Main number| uidEvent object| bootstrap function| WOW function| moment object| local_data function| IsEmail function| commentliked function| commentdisliked function| st_go function| linktracker_init object| wpcom object| _stq string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| gaGlobal function| onYouTubeIframeAPIReady object| wp object| twemoji function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
securityaffairs.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
securityaffairs.com/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.securityaffairs.com/ Name: _ga_8ZWTX5HC4Z
Value: GS1.1.1720068892.1.0.1720068892.0.0.0
.securityaffairs.com/ Name: _ga
Value: GA1.1.74244860.1720068893
.securityaffairs.com/ Name: _ga_NPN4VEKBTY
Value: GS1.1.1720068892.1.0.1720068892.60.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://securityaffairs.com/wp-content/themes/security_affairs/images/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buttons-config.sharethis.com
fonts.googleapis.com
fonts.gstatic.com
i0.wp.com
l.sharethis.com
pagead2.googlesyndication.com
pixel.wp.com
platform-api.sharethis.com
region1.analytics.google.com
region1.google-analytics.com
securityaffairs.co
securityaffairs.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
www.google.de
www.googletagmanager.com
pagead2.googlesyndication.com
142.250.186.99
142.250.74.194
172.67.140.211
188.114.96.3
192.0.76.3
192.0.77.2
2001:4860:4802:32::36
2001:4860:4802:34::36
2600:9000:2057:7600:c:abe:f440:93a1
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:82a::2001
2a00:1450:400c:c0d::9b
3.160.150.14
3.69.40.101
0ade52260ad86871776c42acac58a2d5ba4c184dc7f54139d6a34af11343ca23
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
13c74a3d594ad23aea83d2e896e0bfad0b527dfbdbb0c222dc52a481df3ec85c
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2
165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff
16c238246f72d6664babdd6dd27bc30813fb13fb633881a14a3f44445f6a2b5f
17edd30c836139dca04b425da3f51410bd1697ab74e0a77b75c028a3f180aaae
1c2c8820097bc25fb47e7ae471e1624741ce4ccec3b187ddac947013d33c4974
1df70b268a34a8036eca2f536d670f59e142b877bf09ad993aec61417c7a4870
1e0352c858984ddb68c11c0b8265ea2ae72ab8d29b4471f888d4cbd95fe881ef
24c96170c8307f6a1f4eff1fd0d355a91ebd6d208b809298dd2a75b238371390
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c03404e75c3b5dd3190080d5b678433a88aed86b17fba7685f8a36950414fb8
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f
3024d568a2e131b54d080a4c7761e15b2a7cc57de2f8aed08927736fe5326f48
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4211996b332a51e7f10984639094f316ab4b10b83794635e8822a654133c0f21
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b
4c8a926c5629b8d3381939f473669740f47aff0b05c870f17e65de2b4d5e3942
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f8e33084e855d45ffd07d52954f7cca447bc010a4bef3ec3b32a7e95de0543c
508a8d88a4db7b5ef87b1d5b6fc60e56b7c5384b75b75b10e77f298ea108b510
518c1b8ab40e50497d0ae29d5f42e968523bee5be0c6e990f140cb0a3de5b34d
51e18fa3a179268df5763ae93f237dfa9ab4733b4e2791fe3cfeecca702a8832
5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2
5a94c4181439947bda922cad1137533b0278371cd6e5b7b0bbe93e1140ddca04
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
61b5d4f52ec96a0aef85f731e618cb627749775534ae86976446f42350757392
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6828f1bdae5c7b89d801df314049a2d65159a4284ee530e5c848a153eadf8c87
72133d32df2afc6b9627d461268f0b37980034d4ab0a575912b80bcca5e6c609
732fe1ff87d948c44d6d26af7aa89d8e1eb9eb8e00c372dadbacb51c0ba5865d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
79ef2c493105913ae8a012433b49e73fec9f4e3dfaf70723bcf66c3e3e0e09e9
7a65e356551523b3a3222147ddb49ea4dad9b21d38a9b590effd45d55fc94d03
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501
84e1de7132433ebaa0845af00ce1812287ba004d8288bf78b455f1d9f494f2ab
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
a21e3d4b193d36cbfab4d9cb007c5f531c86b7c3d5fbadc0ea2a20296330d536
a87125767e2fb5fc6faf71ff13e29600825d4ca4b3febf1925e33e4f7b930527
ac825c2e7eb874cfe862111097aa63158b575df11b0ea342814a5bc55f450b66
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b253964206a6ce075557f8735e7b57268338885e821f317bc63c6616e75c7b60
b34b10bbc97d3457a9e8c59779850e01d45160be2c72ac4e5f7bdb0eb3635cef
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
c37f0638aea7427161e04791736d419b581672d91342c43f74fed6caaf93fc23
cc78f3f58a3d733bca062d304e4c68194331664d9d1b20b46f15adcd7b0fb356
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
d14ac78c42a86d12c55c05dc6caff32f8575b8dd76504d79a6b4dec4d4530eee
d68ea3f23e64014415c5d84543b69d8178e7dcb68ccc686e384f84965c125bb8
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
db2175fffb1a59f6b07a5b10c728a0d7cdbe90e33794678d0d958d4da934578b
db8d4f231a9a3ae516d0c2075d044e5df5e3aad331536b23bb8d2b9503269e0f
e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a60c03a7ac0033874b06898e7d33e5baa504587739cab70acbed545d69c1f1
e96379eb4b6430c032586b48e70b2b5f6e8c0a346f3efd89ad20aca93ca09d11
e98bf7b4b2c361aa2de0e8616c355c67d8deabf96c1dc60a1f88af516e87e7a4
eaade0e5f063f06ba9ec0303b6e2cf134e7e7ddedce6b51813880fe52bbb5de2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4c44daa862528acfe0ba63fd3b5607dd12b146c172e556724efa0b8a9c1d7ad
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe07645b41b2815706663cfa6af89540bb72b039c66672d56604ccc1cc602ec1