urlscan.io logo urlscan.io
SecurityTrails logo

securityaffairs.com Open in urlscan Pro
2606:4700:3031::ac43:8cd3  Public Scan

Go To Rescan Add Verdict Report
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Submission: On October 17 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 3 countries across 19 domains to perform 118 HTTP transactions. The main IP is 2606:4700:3031::ac43:8cd3, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com. The Cisco Umbrella rank of the primary domain is 769978.
TLS certificate: Issued by GTS CA 1P5 on August 20th 2023. Valid for: 3 months.
This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
50 2606:4700:303... 13335 (CLOUDFLAR...)
2 13.32.27.7 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
2 192.0.77.2 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 52.57.180.141 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:212... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 108.138.1.25 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
1 65.9.95.30 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
4 52.222.209.4 16509 (AMAZON-02)
1 52.57.12.122 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
118 31
50    2606:4700:3031::ac43:8cd3 (United States)

ASN13335 (CLOUDFLARENET, US)
securityaffairs.com
2    13.32.27.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-7.fra56.r.cloudfront.net
platform-api.sharethis.com
3    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
6    2606:4700:10::6816:3bc7 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
assets.vlitag.com
2    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:206f:1800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    52.57.180.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-180-141.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
5    2600:9000:2127:6400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2600:9000:225e:7600:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
1    2600:9000:2127:5a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    65.9.95.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-30.prg50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
7    2606:4700:3037::ac43:9e3b (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
4    52.222.209.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-4.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    52.57.12.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-12-122.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
3    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
50 securityaffairs.com
securityaffairs.com — Cisco Umbrella Rank: 769978
2 MB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
222 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
69 KB
7 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 29881
2 KB
7 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3294
test.cmp.quantcast.com — Cisco Umbrella Rank: 11071
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12881
218 KB
6 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 35079
assets.vlitag.com — Cisco Umbrella Rank: 43448
341 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
166 KB
4 wp.com
i0.wp.com — Cisco Umbrella Rank: 4163
stats.wp.com — Cisco Umbrella Rank: 3047
pixel.wp.com — Cisco Umbrella Rank: 2968
554 KB
4 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4594
buttons-config.sharethis.com — Cisco Umbrella Rank: 5262
l.sharethis.com — Cisco Umbrella Rank: 4877
93 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
225 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
imasdk.googleapis.com — Cisco Umbrella Rank: 498
125 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
2 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1263
634 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1348
9 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
612 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6147
408 B
1 gstatic.com
fonts.gstatic.com
48 KB
118 19
Domain Requested by
50 securityaffairs.com securityaffairs.com
7 px.vliplatform.com securityaffairs.com
7 pagead2.googlesyndication.com securityaffairs.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 cmp.quantcast.com services.vlitag.com
cmp.quantcast.com
4 aax.amazon-adsystem.com c.amazon-adsystem.com
4 services.vlitag.com securityaffairs.com
services.vlitag.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 c.amazon-adsystem.com services.vlitag.com
c.amazon-adsystem.com
3 www.googletagmanager.com securityaffairs.com
www.googletagmanager.com
2 securepubads.g.doubleclick.net services.vlitag.com
securepubads.g.doubleclick.net
2 assets.vlitag.com services.vlitag.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 i0.wp.com securityaffairs.com
2 platform-api.sharethis.com securityaffairs.com
1 www.google.com tpc.googlesyndication.com
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 cdn.jsdelivr.net assets.vlitag.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 rules.quantcount.com secure.quantserve.com
1 test.cmp.quantcast.com cmp.quantcast.com
1 secure.quantserve.com cmp.quantcast.com
1 imasdk.googleapis.com services.vlitag.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.google.de securityaffairs.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 pixel.wp.com securityaffairs.com
1 fonts.gstatic.com fonts.googleapis.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 fonts.googleapis.com securityaffairs.com
1 stats.wp.com securityaffairs.com
118 34
Subject Issuer Validity Valid
securityaffairs.com
GTS CA 1P5		 2023-08-20 -
2023-11-18		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
vlitag.com
GTS CA 1P5		 2023-09-28 -
2023-12-27		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cmp.quantcast.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Frame ID: 7A81E7CEE88D7483A2C25710D9BA4EAC
Requests: 111 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 65AC46A433F0ABF1AD38F76BFE135837
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1697543773&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html%3F_gl%3D1&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550972955&bpp=3&bdt=462&idt=258&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=177246528972&frm=20&pv=2&ga_vid=422661789.1697550973&ga_sid=1697550973&ga_hid=698976237&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31078702%2C42531706%2C44805112%2C44805919%2C31078297%2C21065724&oid=2&pvsid=615959684957671&tmod=254611828&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284
Frame ID: 6E79CCC4331F68D7AB91147B85096529
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A4CF2D02607DB0F931055CCEE6DBA91B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4441C266E4839D9A5C705D8D1308F380
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Malware-laced 'RedAlert - Rocket Alerts' app targets Israeli users 

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

118
Requests

99 %
HTTPS

73 %
IPv6

19
Domains

34
Subdomains

31
IPs

3
Countries

3906 kB
Transfer

8508 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

118 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request redalert-rocket-alerts-spyware.html
securityaffairs.com/152569/malware/ 		133 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1bd4f5d04adb957951ef7f662e225da10885757a8f87631f24f410c2ec30cb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
81790b276d1d65ad-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 13:56:12 GMT
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/" <https://securityaffairs.com/wp-json/wp/v2/posts/152569>; rel="alternate"; type="application/json" <https://securityaffairs.com/?p=152569>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uzLmj9wJZFHWrps7ine9BgkUspUxWZOgncSwHW2GcqzwAv%2BSXd973DflkDVRWqlEoacK89Ik7DsAqfgeoH2E4vD1mbWFjIiSXcCg0FLqR6BoY395p3yklctQkj8VZuJVikyxzYG%2BcAMNsA1sjS13ndA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-pingback
https://securityaffairs.com/xmlrpc.php
style.css
securityaffairs.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=e5159ded1becfac5024f991fea62073b
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a42197dc440d45716dd692e63b89b7023bdd66b43d60de83e4de5750c83988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
401386
cf-polished
origSize=112251
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-1b67b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVROMHi1JiBorQsbH7OlxJDvLCdRP100x8HfjkwcZKquH1r4hcXyv2WwGzXXsEkeK3zvTxYs6YngkbeV%2BZApSH37o4NjS73ABuNEJZSOSfJ52LCzRM5K195wy23cA565yF8xr%2BUoKMGdvf8zGPledu4i"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a280965ad-FRA
expires
Thu, 19 Oct 2023 22:26:26 GMT
mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
597788
etag
W/"5fd15e34-2bf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wr1ZGotuxm8gNs09GKyOGrvci7Jb5PbDyePPRmt6NdCp9%2FL1wmYFACeWtfsHdEMbpyr14jIzrNdkhJJ2S2ugmtP7LRMzu4RpAaGrhpsngNjlZayKNb6dqpuH5HnHgkKYMmg18VPwZtC0MmIRg47BfQVB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a280b65ad-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 17 Oct 2023 15:53:04 GMT
wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=e5159ded1becfac5024f991fea62073b
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
391831
cf-polished
origSize=4960
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
server
cloudflare
etag
W/"5dcc9728-1360"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBop7CuXWVlZLXTqeOXw3Mr5qW088tU7T5a7G%2F59NJoRUbVH6NrOi3XHgJA8u9LNITRcf1sLYZZwEDexSo6CqM6yMFG5s8kcv6LkHbApCq4LrxjCNHVzhkNMP5l7QUsv%2FS0diVEhvOPe1E0eNrdW%2Fljn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a280c65ad-FRA
expires
Fri, 20 Oct 2023 01:05:41 GMT
styles.css
securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
138202
cf-polished
origSize=2859
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 01 Oct 2023 09:21:53 GMT
server
cloudflare
etag
W/"65193a31-b2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeyNwS7%2FpQprN5Ikx0wtmAFISrecp7xTbBT8kBhLSxsEgeRXQIWh3JhNR3vJdW%2FvOxX5TdpNSPYLeuDbNsthnbIvBW%2Bnm1Ntmpo2yeuhLOY5uLHKm89B%2FG4FzHmEZaKyhzTH53ppN6LKv0DeD%2B9UvAUJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a280d65ad-FRA
expires
Sun, 22 Oct 2023 23:32:50 GMT
cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.1.5
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55688
cf-polished
origSize=3106
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 16 Oct 2023 22:05:13 GMT
server
cloudflare
etag
W/"652db399-c22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsPvxDzQ55%2BF5jVwuGvW7R1a7ry5sN6hsky%2FoF4vBsbQ8XANOiT5MhdJWA9N%2FKRNotU%2FbRpVHzF7u449C9tjEA3T%2Bog3A5JWX%2BTJZw7WGMazZkn5d4ZOfBav%2BKJQ9EbVDoOLLRFW6hD3uVEe8YjZuFs9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a280f65ad-FRA
expires
Mon, 23 Oct 2023 22:28:04 GMT
cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.1.5
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55688
cf-polished
origSize=27249
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 16 Oct 2023 22:05:13 GMT
server
cloudflare
etag
W/"652db399-6a71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwz327PDymnJAKEEzqnFg0FGQ9m%2FCmcR2SbtI6L6plPBSwkXCAJz0xSBR2w10vP80MlX3b7sqCx18R0Wao%2BhwqinBiOVVthZjmYk7jdq4le4o8y4Fo%2BYUthd5ghsOP66aZs0XU6Fo%2BddLnKvjKwvyRqB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a281065ad-FRA
expires
Mon, 23 Oct 2023 22:28:04 GMT
mu-style.css
securityaffairs.com/wp-content/plugins/sharethis-share-buttons/css/ 		0
350 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1690839156
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330498
cf-polished
origSize=26
alt-svc
h3=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Mon, 31 Jul 2023 21:32:36 GMT
server
cloudflare
etag
"64c82874-1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ax9DT8nTCezBlfyGLMnQwp8OJl5LnYgXdu55glNVZ3ZpkLPTNaJnIZXTlkpUtkIAADSHGWWYTuRMJcrOt8WbtEAHCmlpRabq5AWchJlRaxiVeqTWjB4%2Fs6pllf3patxrX5HC%2BBEt8BfKFLNmqRzpar2o"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81790b2a281365ad-FRA
expires
Fri, 20 Oct 2023 18:07:54 GMT
form-basic.css
securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/ 		2 KB
919 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.9.9
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55688
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 09 Oct 2023 22:09:35 GMT
server
cloudflare
etag
W/"65247a1f-654"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nolrtcF10IM%2FZrCy77J5xduJz888CwTUPmPRlJTCR38W4bxl3%2Bk2rfaQsLCPvu0o1w74jLEJG1cdTSml4Jtqj2QKk%2FvVAJyPCUadvlTFcrpnA5kqLVk6Hv6cAAaR26qwY6HjxttWG9cguZDgKWow7hR%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a281565ad-FRA
expires
Mon, 23 Oct 2023 22:28:04 GMT
bootstrap.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/bootstrap.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
330498
etag
W/"63ec8df4-260c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRn5ogclVHH8DGj9t28ka7NXhSlDAk06r%2B0cQmXF5qOHPLUO5IO4HbaagriXLaelez3eyPRes%2B9aB28RpTlRquV%2FRI769sqJSGn6HnXpee2fsdvQIzg44FcDGEXbZ9qki4az8IWTClG95AJqAPBMAYw8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a281665ad-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Oct 2023 18:07:54 GMT
plugins.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330498
cf-polished
origSize=31000
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
server
cloudflare
etag
W/"63ec8df5-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ma2u5pSFZ14v3UZ4%2FOely5XhY9igAsWvFTBph8cb68Rv7wi8Z3sOAjdhv%2BCrZlkOA2LFaN2PNObcM0NXqmSJlQJl0xr4dxwqBJDwz%2F0EhAnluhocvFCgOK3d8tPS0c%2FfaJe8IwNJ5kuCGafs2Ft2zm2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a281765ad-FRA
expires
Fri, 20 Oct 2023 18:07:54 GMT
animation.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 		44 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/animation.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaade0e5f063f06ba9ec0303b6e2cf134e7e7ddedce6b51813880fe52bbb5de2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
138202
cf-polished
origSize=45516
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:47:00 GMT
server
cloudflare
etag
W/"63ec8df4-b1cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uf8Fn8xgWU0WEj%2FQMlnEButyZqYi9m6CCk6kQYFBqarLi0Kwf4B61y66J%2BgI8ykeqUJXn9qV%2BxfD66EqbITX23ZKt4XnZbkmyGt5DG%2BtvuxziAuwe6EOdnEanbxlgUPZyUK%2Fw6W8hGiHSQYtpRF0cD0Z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a483365ad-FRA
expires
Sun, 22 Oct 2023 23:32:50 GMT
select2.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/select2.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
138202
etag
W/"63ec8df5-3f88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icL7B8%2BhJ7reJJkiaF0LmKNHPyoJiw6TnuHun5AFxBGPFcJRwRzuiWTKxDXATxwFK0B9i3igFU51HufaY0hGrbVi26NVMC5frkzXR1g0TbvNi%2FIHddV5rJdtYVjfc7NmCzkyKU5ZA9zOmHAOHXrbjJg8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a483465ad-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 22 Oct 2023 23:32:50 GMT
bootstrap-datetimepicker.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/bootstrap-datetimepicker.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
327187
etag
W/"63ec8df5-13c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YB%2FBGNkV7JcCEOBh1Oduog8%2FjzTCW2wtwi9rgZQIl4kCg1tSdoOWg%2F7qtCtrfUgymwSTn0spg39Ps623N%2FaPBTUczYV1HSGQqL4HjDDoRWSPYhBaMPYvZ5EqQo%2Bm9NCUyV6HwQTmk5WhZd1luScgkwA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a483565ad-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Oct 2023 19:03:05 GMT
style.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 		62 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac825c2e7eb874cfe862111097aa63158b575df11b0ea342814a5bc55f450b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
327187
cf-polished
origSize=63687
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Aug 2023 19:58:52 GMT
server
cloudflare
etag
W/"64dd2a7c-f8c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wp1AShY%2F7pXkdKV26TZyxAS2tg1OTV1lkqeVxtnlLR1tSDWbqcBBFNHR7%2BGFkgITkumeHZpqqY9FX7JvveG1oI4rjqiJTi5dCmv45V6Iz0XNDr5KF1Ba0blZ8J8Up3rTQ3mbvhWcvpcOHwyXtiWMUEhy"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a483665ad-FRA
expires
Fri, 20 Oct 2023 19:03:05 GMT
slick.css
securityaffairs.com/wp-content/themes/security_affairs/slick/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/slick/slick.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21e3d4b193d36cbfab4d9cb007c5f531c86b7c3d5fbadc0ea2a20296330d536

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
127573
cf-polished
origSize=4922
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:45:55 GMT
server
cloudflare
etag
W/"63ec8db3-133a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvcbrVpIy0oGZdt%2Fk1OpAxK7savTvVLATGk5DGbq3kDipPQw2bEVmmpqc8iBSFTL5FH73fd4HNS1SOp04TmohpP7VuThAwjqcFToxSMVmK9NQma69u%2BSeMFUGRse06%2FuLL7YDa8srLmwzluQGKv%2FJZyp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81790b2a483765ad-FRA
expires
Mon, 23 Oct 2023 02:29:59 GMT
jquery.js
securityaffairs.com/wp-includes/js/jquery/ 		138 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.7.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42638cf7ce147ae414ebf639d0c94c85b08018380903afb94e2190b1d4adb317

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49005
cf-polished
origSize=285016
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-45958"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvYvJsD0khyslh1dMQU3neonZ0VAUsiYxdphMfKJQxlMT%2BuRN4BvYTV%2Fb1cIAyboLeF7NnGx7lWMgYT7KHlBz6EBlJwy1p2GjghN5bTDYgQ99%2BeJUk5liCqfowVgTuSpxONmPFG%2B9WlwRzkG7XiUXdnF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2a483865ad-FRA
expires
Tue, 24 Oct 2023 00:19:27 GMT
jquery-migrate.js
securityaffairs.com/wp-includes/js/jquery/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
562876
cf-polished
origSize=31978
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-7cea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ht0Ghzzljo76EVf5TFFBs5MFkiYvSLNBc6Y0ZegfDCpv6i7lIM8xGUZFAmk6JTjyHy%2Bi4yWYBgTbS6UfwzJw1KLm75gKvDw72tMUBzPt%2FNR2YDSfSsTFOmf92OTvN1YEVevZlLH72EsV1CjZ306ijSAj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2a483965ad-FRA
expires
Wed, 18 Oct 2023 01:34:56 GMT
cookie-law-info-public.js
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.1.5
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55898
cf-polished
origSize=34179
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 16 Oct 2023 22:05:13 GMT
server
cloudflare
etag
W/"652db399-8583"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kh5NV%2BsJ7MFF%2FAg0ebNNj4PzriVAvs5pdegE98wpbi%2BYMAQRFV0kw3qB2fFaSWpmpX1hNpMPXFpOphMq1qSUTYjY09eXf7BW%2FtH1Xv9H%2BheIutc7JaagypahrAourGe7VNG%2B8VqyUvPayjHs6gBytRv1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2a483b65ad-FRA
expires
Mon, 23 Oct 2023 22:24:34 GMT
sharethis.js
platform-api.sharethis.com/js/ 		203 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.8
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
/
Resource Hash
73118f58510f80a1610100bd3dd56ef7328382a477a0430004be5b76e9a724dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:50:42 GMT
content-encoding
gzip
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
age
330
etag
W/"32d37-ZSMPdNFuNLYLRj51RfdXTWzgHX8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
fxzlh4EZQlATZdey9n2JDirR5s06leBTUCGGoJr00Ui0vowIZZWPFA==
sharethis.js
platform-api.sharethis.com/js/ 		203 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
/
Resource Hash
73118f58510f80a1610100bd3dd56ef7328382a477a0430004be5b76e9a724dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:48:52 GMT
content-encoding
gzip
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
age
440
etag
W/"32d37-ZSMPdNFuNLYLRj51RfdXTWzgHX8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
m5gW-ct0kc0pw3xJO5DimkKPYLMVGl8-TbFpN-kPQI7_ydMz_ElmZw==
js
www.googletagmanager.com/gtag/ 		172 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3130f21112b18a291c8326069d81b9b220413df0cee98b58a32390303b83326d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64112
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Oct 2023 13:56:12 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
733db7ae4355ca413513d02711f452b7fbdc0794b1012d98b9642cff49ff8488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51268
x-xss-protection
0
server
cafe
etag
13706166161580755817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 13:56:12 GMT
js
www.googletagmanager.com/gtag/ 		265 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13f680291be4636cf3b205b7ec1b21dc168b5452d0b3fc3971d6dcd61c20f2b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90636
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 13:56:12 GMT
/
services.vlitag.com/adv1/ 		574 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5699ad7475ee8e4508c287ffe1f6a0dad33f08f13c63eaec0fea3790d6efd3f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
375
cf-polished
origSize=587811
etag
W/"221a5a398da89ace8729d1cd3c481ec7 2023-10-17T01:37:46 v1 default"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
81790b2b9ed718cd-FRA
alt-svc
h3=":443"; ma=86400
menu-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 		467 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/menu-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ef2c493105913ae8a012433b49e73fec9f4e3dfaf70723bcf66c3e3e0e09e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
861836
etag
W/"63ec8dd3-1d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqt0Q%2BLV20QRnPoxOefegYx8TdtM135fNDgjiE9OH1cNxbkJNHPf8suN7qX2M46Dq9ELyJfEfFLPcaKTOEQlYLyGKcDEEF1AYGtE5N77JV2E27AfHy1Ojkiag3Xo7sytJ7XfRI3LHCyA1i7oqv%2B%2FQ1VJ"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
81790b2a483c65ad-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
securityaffairs.com/wp-content/uploads/2023/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2023/08/logo.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e18fa3a179268df5763ae93f237dfa9ab4733b4e2791fe3cfeecca702a8832

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1770172
alt-svc
h3=":443"; ma=86400
content-length
4751
last-modified
Sun, 27 Aug 2023 14:33:01 GMT
server
cloudflare
etag
"64eb5e9d-128f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlCVdwq6e%2BLqzasbCNrEJPZ3FANFEGDiOeZYaCft%2FgXO%2FliRe39W%2Be5FUZwMmgJaUDStfkm57eYK%2FuZBoDiSH0QRYeUzf%2Finf6dXVGjzxqifMMnCy%2FdWvLlerpNRPFoDd41y%2BtRKMggmR%2FIQ%2BQ2c2Y6P"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
81790b2a483d65ad-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
user-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 		987 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/user-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0352c858984ddb68c11c0b8265ea2ae72ab8d29b4471f888d4cbd95fe881ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4396361
etag
W/"63ec8dd5-3db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BFL%2Bq272MPU39vIX35kpYHHae3TMkLia01CCKQuD9LnvmcCJwqpWRHmGaIWh%2FMjoTYkv6ehaImU5cgIvS6Dq4i1SA382Tj63SGsrWkI1sQRMld2oIBFU3vDkEQ4i1iX3Wuk2VDZSABd9wsw%2BcxP4X8t"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
81790b2a8fc168f7-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
clock-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 		947 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/clock-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b5d4f52ec96a0aef85f731e618cb627749775534ae86976446f42350757392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4396361
etag
W/"63ec8dd5-3b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6gJ9lXzvcWJTKJYazM26SLi1hkjiPq33nwTRL8SYa4YzdU2kxjlMgrNSaHaPX07tIqiQLxkznJjkCmQm8W68QbUgCv7DxpLYI%2Fhqun2OK3ldDiLnvIZpYX9wSHoxAVJoNHGDl8gAxhMS9Pf4U%2BwR7Zb"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
81790b2a8fc468f7-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
image-40.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2023/10/ 		358 KB
359 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/10/image-40.png?fit=1600%2C1334&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
300214964c9f0376e4a69a233dca8e20ef2657511d866c04f65ea134873897c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 17 Oct 2023 13:56:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Oct 2023 07:11:31 GMT
server
nginx
etag
"dba206b473a6c0e9"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2023/10/image-40.png>; rel="canonical"
content-length
366990
expires
Thu, 16 Oct 2025 19:11:31 GMT
image-40.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2023/10/ 		191 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/10/image-40.png?resize=1024%2C854&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
391a145ad46a11041124ef84b4e30bfcc0966ef92d84ca49a48644384eaee6a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 17 Oct 2023 13:56:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Oct 2023 06:46:47 GMT
server
nginx
etag
"2a42d62329c28462"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2023/10/image-40.png>; rel="canonical"
content-length
195942
expires
Thu, 16 Oct 2025 18:46:47 GMT
Ukraine.jpg
securityaffairs.com/wp-content/uploads/2021/02/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2021/02/Ukraine.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65667ed82728c49377772bfb79241ca88554cef175f7102845fc26885bc94633

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193812
alt-svc
h3=":443"; ma=86400
content-length
156525
last-modified
Wed, 24 Feb 2021 22:27:40 GMT
server
cloudflare
etag
"6036d2dc-2636d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuF2hJMdWZGhPJramcHch6AwqJfU1GBSlXUsE40u0WRTWttkYIqxs4bB4AA0Wpf0MG9UshuIcka%2BqSlT%2BIPSwnZnI2HuVGhcIqHgYsWrKCP%2BVAz1BsP1e65ToiMqXzQfDhIOnerFMD4cpoUtWp1VAlYK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
81790b2b38a768f7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Most-active-ransomware-gangs_Cybernews-photo.jpeg
securityaffairs.com/wp-content/uploads/2023/10/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2023/10/Most-active-ransomware-gangs_Cybernews-photo.jpeg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86b26cecf6c5f789c87e37e75d51732a215f9afd93b994daa1a64178f03aa9c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15689
alt-svc
h3=":443"; ma=86400
content-length
91564
last-modified
Tue, 17 Oct 2023 08:55:46 GMT
server
cloudflare
etag
"652e4c12-165ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGU8%2FQQh9s0uuP23rVtF2SACKTmi4351aJyeqylb%2BKfd02wOPRsTtvzeWYis%2Byfvy2ZOeKK86l5qQXLqt7IJBas4qdEa9uGCUwjhIyCeGS8k1Su4t98mP8AXXypT6q6toXOD%2F03IAAz8A%2FMqDsOnnBAH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
81790b2b38a868f7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
image-40.png
securityaffairs.com/wp-content/uploads/2023/10/ 		724 KB
724 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2023/10/image-40.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0edce8eaf23a52a5b84a7e7e20f2af6a5220cde29020b33ea1401a8ba31977d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26935
alt-svc
h3=":443"; ma=86400
content-length
741163
last-modified
Mon, 16 Oct 2023 23:13:44 GMT
server
cloudflare
etag
"652dc3a8-b4f2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzX75bLRzRPJFWqDuWmssNC2INxYZ50FxQ6BhsoEZO6QEeltkCwda3dM7BOaFr3aMSQ78cQggtJ5AurWkNgmgJ5OTDauz6qXVnQaIKWpVC23d4J7wgvYa4ZMAdJU%2BInN1BtTlDiuSG6eY7t51rNRpTyQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
81790b2b38a968f7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
cisco-building.jpg
securityaffairs.com/wp-content/uploads/2014/07/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2014/07/cisco-building.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
811fd563577fcee718d9d8a580057ecc1d2cce675ef78a2f3acc9ed9957efe81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188927
alt-svc
h3=":443"; ma=86400
content-length
103342
last-modified
Wed, 16 Dec 2015 09:52:05 GMT
server
cloudflare
etag
"56713445-193ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHoRdfSdZ0L%2F%2BtFZowTqhBBdYjjRYrqCmfL6i6xGBaSkkT17jthW%2FZw4XjEdig1g382rC%2BouXPX0nwKukUay3bjEJXx6IDWobqnxo875FSYgi2VOwhq3Vkcd3cuoBobFWQGZC%2F3pYJwsho6MIYZ6LLot"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
81790b2b38aa68f7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
signal-app.png
securityaffairs.com/wp-content/uploads/2016/08/ 		357 KB
358 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2016/08/signal-app.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2d044f8521e3075f2ad58f32c4dc926a1cb184a5e270fca225c6638abffd445

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88447
alt-svc
h3=":443"; ma=86400
content-length
365854
last-modified
Mon, 29 Aug 2016 07:10:00 GMT
server
cloudflare
etag
"57c3dfc8-5951e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FqqibTaSYVj4EB8s24bqlv8QfsdNkap7BNXQQ5QtHtiNcf0E0ObFadYcBWSYmVpBJHO6xVK1MKzMd5vHg%2F0ehVbsUwGTlbl2lJapTvDcy%2FSod4ZloKfeR1jle3IOdzDbMw56bb8RF9mLmpoiyQEl5AA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
81790b2b38ab68f7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-logo.png
securityaffairs.com/wp-content/uploads/2023/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2023/08/footer-logo.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b253964206a6ce075557f8735e7b57268338885e821f317bc63c6616e75c7b60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3417180
alt-svc
h3=":443"; ma=86400
content-length
3916
last-modified
Sun, 27 Aug 2023 14:33:08 GMT
server
cloudflare
etag
"64eb5ea4-f4c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrY5k6n7Wt4Sj%2FJsoRjkDs61ETU5wcLrNKcXAsv021XD61Vo4DBqFP46I%2Bmjg7YmqR%2B%2F%2BGqquhiARdmlSgDJQr66F5HNGQISiGLIBTB0kWC2uxwBfxqlr1C1iEaIVFDzZhvMvwcq02V%2B0d63%2FZd7tsUB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
81790b2b38ac68f7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Oct 2023 07:45:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6523afb0-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ou3rqZMQuFy4V6vSXygBBkxvkVT%2BBHqH0%2FsHnBWxnLQIj2GKwVQQ9VNzN1h1%2FErzILSID7NWmcyQTbaohHRQLBKDe39R335nP%2B7M8Lv6vhIOYmWk7Obyh6JAR0UVgFq3xLroxyScUIV5ccaOPPnHpptr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
81790b2ab80668f7-FRA
expires
Thu, 19 Oct 2023 13:56:12 GMT
image-cdn.js
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 		701 B
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
561246
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 01 Oct 2023 09:21:56 GMT
server
cloudflare
etag
W/"65193a34-2bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFdTPCYVfC%2FrGCRP6TtPDagl3%2FRF9wXnelHzl0a9N1ruCTzXslOC2doTOiB1fmcDGwQ4Rm1FyQlwu7sCYVy8uidzYnY11OuSyToP1vPAjuhqt3IxLh5KC6HzE3t0Rdm8yXuL6yD5vOSjuonQxDZhoabb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2ab80a68f7-FRA
expires
Wed, 18 Oct 2023 02:02:06 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
178175
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 01 Oct 2023 09:21:53 GMT
server
cloudflare
etag
W/"65193a31-2a12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TjoD6OxG%2BdAEbRDLtkJH17rxXS8XFV2ppkCICFN4%2BXTQX%2Fgihd4uieGa7ejGKIAoNnPWxuyQh3%2BecwYepA%2BcSbP59OuHb2gHS2FICKJYFdTR1%2BB2wI%2B1LEmR7RLsa%2FKHGTengbDDcblhv6EbYXmQ2Y9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2ae82b68f7-FRA
expires
Sun, 22 Oct 2023 12:26:37 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
178175
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 01 Oct 2023 09:21:53 GMT
server
cloudflare
etag
W/"65193a31-328f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALlB6guqNH8q%2Ff5oYF3a2dCIAkRZ%2F15r1CTQDKur%2Fu5RbvrR4FNfyWg8kNNvkqgrrRwapXDLYG5ikh1EuW40qaOLIPzRca7rwQd5OC6CoRyz2MOFJY6Pa3A0HyHH5KNQiwHezm5yAyE5my6l3FVQYBpX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2af83c68f7-FRA
expires
Sun, 22 Oct 2023 12:26:37 GMT
ssba.js
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1686486772
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
159029
cf-polished
origSize=3110
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 11 Jun 2023 12:32:52 GMT
server
cloudflare
etag
W/"6485bef4-c26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zs9GqLSwbuQrIHjvyEn9skQlpU3ik1%2FiRFo0oHNRZfJfenXYSLHjArymJxjs6VVEAuV9%2F4rok%2F7jdk4L9mt1VBaSuk7VrK32Chrv4T33Uj0Rivjaez9p3OXSDIwDbBXDfLABrx97NbrvYX31uFXyLAaF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2b389568f7-FRA
expires
Sun, 22 Oct 2023 17:45:43 GMT
jquery-3.5.1.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/jquery-3.5.1.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
137152
etag
W/"63ec8dba-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UT%2Fbk4WyKHA3wwP6uae0tD8DvrDnrDViujwEvXYgFeG1ItmDfnQvcLYbwJzI1euoCZSwcJsz%2FYD4LYtC1oP0%2FJfS102U8udpeH9BEOE7q4qCwl9G6%2FeUrjbQsYIMslKhr8%2BUKrPrFNOR93WljUkJK1%2BK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2b389b68f7-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 22 Oct 2023 23:50:20 GMT
bootstrap.bundle.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		77 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/bootstrap.bundle.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
413065
etag
W/"63ec8db9-13397"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcrrhEeUJBs%2FomOfm3zI5i5Hw3EX8r3StBAAoPMglP0206Cz8ddgCkQrfz2R9BSWD92OldstdIiu8eFN4KB%2F%2BvxMzUDmPkb3ThlmeqCwUCkFapIkCKbHzsGw%2FZgvFdNamyvWpMVg1pXSAI0lW2j0t4RL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2b389d68f7-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Oct 2023 19:11:47 GMT
animation.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/animation.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c03404e75c3b5dd3190080d5b678433a88aed86b17fba7685f8a36950414fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
140074
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
server
cloudflare
etag
W/"63ec8dba-b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5h%2Ff4Y1HOSE21MwlFD2ippfHc6ztHIz2L1%2BStZLeMttBA3Xr4n4d82KjJWPmjz6UVEthQT3kGecciRwajar6P0IB%2F5IFqZPMlkDMcCvISoj9bWL1SfZz%2FkBzfHzey%2F%2BKJ0ZtmskJVycupNeC%2BrQWPY0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2b389e68f7-FRA
expires
Sun, 22 Oct 2023 23:01:38 GMT
slick.min.js
securityaffairs.com/wp-content/themes/security_affairs/slick/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/slick/slick.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:45:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
140068
etag
W/"63ec8db3-a76f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZKmCDZTbTyj%2BcFVt%2FHJlqtSHoxelzf4FuMBNOjtDOahMfBEaeh%2BHhzYGV4sQupiFPNHqXwHeLZva1Jnppa9AhHMJWgADy8G%2B%2FK%2F0f2AX%2FgVgDNSBzBlBloFIyh1hx639TMyopKQt%2FB04fjYkV3an1EZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2b389f68f7-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 22 Oct 2023 23:01:44 GMT
select2.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/select2.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
140067
etag
W/"63ec8db9-11dcb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVn3TccGMC4EMuHnOsHqfaNv48SaKiWFfiAB6nRF6m%2FLcT2Sj6CBPkLHq5EAobCgQpEMiNDerHL8%2FhtTU60lF1eBlLNfXM9kyiZPNBXVnq1UqA1trYTmpimAfsqvDEtPh1LWLXdv4M1OocYHH0Bhdh%2Fj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2b38a068f7-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 22 Oct 2023 23:01:45 GMT
moment.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/moment.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
140068
etag
W/"63ec8dba-857b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWNBQWL7tJ5XdF6gl3gaYMnQv%2F7YNrdYeYNPJZ7L4xITSpd%2FH6gfSjSVPvBuomGcmUqeNm6VVHEXySSc%2FAx9vhF7efVplamqYXyLmpwvX9PyqFoKbWT4Y4yeCcIvbt4Xjndv8u2riRbQ2jLre2nZ%2ByXa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2b38a168f7-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 22 Oct 2023 23:01:44 GMT
bootstrap-datetimepicker.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/bootstrap-datetimepicker.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
137152
etag
W/"63ec8dba-5a28"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hx%2BXA8kEZgoj7K5PaurFKPoW9rH3%2F4lhGSIPWNN02dPTWaFqeu0%2F9XPvn%2Fev1HgpllxJuUZ9eEaDvued4e9P3dkMblLKFC1sOMREoUcv%2F0HZ7jAExOuxxWJwseuAGMZLQhEaorzgiJ84Z8z%2Frj%2FYN6AD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2b38a368f7-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 22 Oct 2023 23:50:20 GMT
script-datepicker.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		236 B
666 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/script-datepicker.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e1de7132433ebaa0845af00ce1812287ba004d8288bf78b455f1d9f494f2ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
380617
cf-polished
origSize=552
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
server
cloudflare
etag
W/"63ec8dba-228"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCLvvvFWPb%2Fw5cACS9l94OYD4a5pq7QUF5YRsjkEz8t0iOftBMb5535ssGK32gTtjmWpNXmUHZPLAWrpfSA%2BXcxpUBR5eUwV92%2BQTN3o9JeOfhwWPo4aySEafW9vC%2FCGv0ebDSbDGbKzDzv7HPpmjlrs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2b38a468f7-FRA
expires
Fri, 20 Oct 2023 04:12:35 GMT
script.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/script.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a65e356551523b3a3222147ddb49ea4dad9b21d38a9b590effd45d55fc94d03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
137152
cf-polished
origSize=6278
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
server
cloudflare
etag
W/"63ec8db9-1886"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49dBc9mUqS2nTSKQDitAgrQzpmRfLEROktO7rD85XYtGpro35kR1ivvvug3H4sCYC9Wcy78njvZ04sky70Atx5OPCLZ3q5tKmy3ckEA8ef2AZo%2BiS7DmdUE%2FyZ2Y2ow7FO1BpeDWUUkH9yZGr%2FibtALV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2b38a568f7-FRA
expires
Sun, 22 Oct 2023 23:50:20 GMT
e-202342.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202342.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684460848292.3706
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 14 Oct 2024 06:44:06 GMT
e76ed226-9a65-45cb-a6d6-1f1f287ea76f
https://securityaffairs.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://securityaffairs.com/e76ed226-9a65-45cb-a6d6-1f1f287ea76f
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
5047
Content-Type
text/javascript
css2
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
170d329a585de03caa379e0e068e08b529ba2d693608db4166c3996328185c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:07:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 13:56:12 GMT
64b5cd2fd23b930012608ffb.js
buttons-config.sharethis.com/js/ 		927 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/64b5cd2fd23b930012608ffb.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52f5e657405d02f0ab9761d8c352e50ddf0329275461a34ad512267f3b06c4db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C1
age
49
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
927
last-modified
Mon, 17 Jul 2023 23:22:28 GMT
server
AmazonS3
etag
"56f01d1dc4635d0cd55fc8c794bbe43b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
x-amz-cf-id
vLuYaOL6Zqhe6rR7ogP8LjWNUFhqrUzUN-d3Kb51Bp0jiJcvowUY-A==
pview
l.sharethis.com/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html&product=unknown&url=https%3A%2F%2Fsecurityaffairs.com%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html%3F_gl%3D1&source=sharethis-share-buttons-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Malware-laced%20%27RedAlert%20-%20Rocket%20Alerts%27%20app%20targets%20Israeli%20users%C2%A0&cms=unknown&publisher=64b5cd2fd23b930012608ffb&sop=true&version=st_sop.js&lang=en&description=Threat%20actors%20are%20targeting%20Israeli%20Android%20users%20with%20a%20malicious%20version%20of%20the%20%27RedAlert%20%E2%80%93%20Rocket%20Alerts%27%20that%20hide%20spyware.&ua=&ua_mobile=false&ua_full_version_list=&uuid=db5a764e-1794-42c8-9f31-ce6704cc2dd6
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.180.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-180-141.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 13:56:15 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
search-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 		940 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/search-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df70b268a34a8036eca2f536d670f59e142b877bf09ad993aec61417c7a4870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4396361
etag
W/"63ec8dd0-3ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrzL0qtuAmOxSjmrof%2FjPv%2BWdxptT72cHkMfBnfhSTJjuEi629mDmLUGvZySZTI5uNt7STFZuNkdfj1fNLfQdJQWgHDbzda2sMook7KLmOn18U6VF7kiCUEbu4EcjiTYwR45l4K0wa1wXJm3mb0ApRu%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
81790b2b48bd68f7-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
b-arrow.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 		903 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/b-arrow.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732fe1ff87d948c44d6d26af7aa89d8e1eb9eb8e00c372dadbacb51c0ba5865d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4396361
etag
W/"63ec8dd8-387"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUkiREoUKPiT0N0mIbKzASZrgFPqDzH7EvQUHj33FZQG%2Bm9XqYsJUz88xmxagB6WtJNocefHZCH8nspYyoedMllKfvPj9schNI%2FgzEWQLQarTK00C0f1vc9umEzdTlVDhRzDSjQRJNDzr6FZ9%2FlGMlkX"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
81790b2b58c368f7-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:17:53 GMT
x-content-type-options
nosniff
age
416299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:17:53 GMT
fontawesome-webfont.woff2
securityaffairs.com/wp-content/themes/security_affairs/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
442
etag
"63ec8de8-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6T%2BGLPIZw2d4a9YwDED7kJUZ3E2pjJtvYeHhQxM70hCHlYIhiSttPPtpe9%2B%2B2dz7SHFRjymOCapUrh2eyzeWM5IIY6LueBykm8ukeCYETteKBEe8bni8%2Fbpcev2FmGAEV3Mg%2FAaF64%2FEg9OD%2BH59VxG"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81790b2b58d068f7-FRA
alt-svc
h3=":443"; ma=86400
content-length
77160
g.gif
pixel.wp.com/ 		50 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=152569&tz=0&srv=securityaffairs.com&j=1%3A12.7&host=securityaffairs.com&ref=&fcp=820&rand=0.5152082858933635
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 Oct 2023 13:56:12 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
twemoji.js
securityaffairs.com/wp-includes/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/twemoji.js?ver=e5159ded1becfac5024f991fea62073b
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
404396
cf-polished
origSize=33089
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-8141"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BV5plQ9qSJ7JJ%2FbTd2dzACU70FW36mtjJ8zaCZxOsgV5QAlcwsT67kDyWe3HOwY35dqvdkz8WJzysdsjj%2FRWkrXIIoHf5OekUC0%2BvL8Km847Av0BqLdH59P3iIyoVYFQ0ZYvT4rHFqrVf7wA%2F%2Fgxdqq9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2cbab068f7-FRA
expires
Thu, 19 Oct 2023 21:36:16 GMT
wp-emoji.js
securityaffairs.com/wp-includes/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=e5159ded1becfac5024f991fea62073b
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
404396
cf-polished
origSize=8969
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-2309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKOTtUrICG3zVS5xdk3JIYPckhZXuYwc4B4jU1%2BEh5LK9Oy4lxU2m%2B5XHNj65oCjyysTnztLkcggwpnpNjHW3wcnihhtsbPNDh%2Fyqv4WNcAuppwOQlv6Eq%2Buql%2FRCUkwevxZMggh0uIi0G0i3%2B%2FU%2FZHD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
81790b2cbab168f7-FRA
expires
Thu, 19 Oct 2023 21:36:16 GMT
schema
securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/feedback/ 		232 B
770 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/feedback/schema
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
804aa2016958413450a7751d3d63ea718f0ed5c5af48b65d765adf9ab2f1b139
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cf-edge-cache
cache,platform=wordpress
date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
allow
GET
vary
Origin
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzq5qY1LWH3aHwq4CLTTQi61t85pGHW%2Bi2R91pZiIz8Revbvt%2Bgm4FJpmVwpVf5ZY5knRwnlFRGg7mbRyytMVrQ0ZXz70tWwjEsDqcLczPb21PpQqomcjYSV6vceiQL4zD8oLRdGqi0SGmBLENUmBiDa"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
81790b2ccac868f7-FRA
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 		393 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd15935ad0b90e90ce6df3679fecec206da9fce762f2c35c132db215c78233da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136616
x-xss-protection
0
server
cafe
etag
12811246195189426599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 13:56:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 65AC 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3598
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 12:56:15 GMT
etag
2603938475786422795
expires
Tue, 31 Oct 2023 12:56:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
221a5a398da89ace8729d1cd3c481ec7.json
services.vlitag.com/cli/ 		42 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/cli/221a5a398da89ace8729d1cd3c481ec7.json?hn=https://securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a1226e1c24e627edad8ff771a9fe2740f08e5b247e61b852fb8befab0ba205

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:56:13 GMT
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
private, no-cache, no-store, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
81790b2d8ca3bb79-FRA
content-length
42
alt-svc
h3=":443"; ma=86400
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Oct 2023 13:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
391
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 17 Oct 2023 15:49:42 GMT
js
www.googletagmanager.com/gtag/ 		200 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f643a7b0d142e7eaa9456d38a7a02793897ba216dbd04c9e5e7494867470e69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74682
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 13:56:13 GMT
collect
region1.analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NPN4VEKBTY&gtm=45je3ab0&_p=698976237&_gaz=1&gdid=dZTNiMT&cid=422661789.1697550973&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697550973&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html%3F_gl%3D1&dt=Malware-laced%20%27RedAlert%20-%20Rocket%20Alerts%27%20app%20targets%20Israeli%20users%C2%A0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:56:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPN4VEKBTY&cid=422661789.1697550973&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:56:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPN4VEKBTY&cid=422661789.1697550973&gtm=45je3ab0&aip=1&z=1725906348
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:56:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8ZWTX5HC4Z&gtm=45je3ab0&_p=698976237&gdid=dZTNiMT&cid=422661789.1697550973&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697550973&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html%3F_gl%3D1&dt=Malware-laced%20%27RedAlert%20-%20Rocket%20Alerts%27%20app%20targets%20Israeli%20users%C2%A0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:56:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=698976237&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.com%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html%3F_gl%3D1&ul=en-us&de=UTF-8&dt=Malware-laced%20%27RedAlert%20-%20Rocket%20Alerts%27%20app%20targets%20Israeli%20users%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1752743883&gjid=582392651&cid=422661789.1697550973&tid=UA-59069958-1&_gid=1872421948.1697550973&_r=1&gtm=457e3ab0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1929161954
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:56:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		405 B
612 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.com&callback=_gfp_s_&client=ca-pub-4918072057181794
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0576894647aeb40e97127e1fc7f7b1a54995b5c7742ae9dcaa5fe018913d68fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
261
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6E79 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1697543773&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html%3F_gl%3D1&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550972955&bpp=3&bdt=462&idt=258&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=177246528972&frm=20&pv=2&ga_vid=422661789.1697550973&ga_sid=1697550973&ga_hid=698976237&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31078702%2C42531706%2C44805112%2C44805919%2C31078297%2C21065724&oid=2&pvsid=615959684957671&tmod=254611828&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:56:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:56:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vl.json
services.vlitag.com/vld/1697530914/ 		13 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/vld/1697530914/vl.json?page_url=https%3A%2F%2Fsecurityaffairs.com%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html%3F_gl%3D1
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Oct 2023 13:56:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
81790b2ede3abb79-FRA
content-length
13
alt-svc
h3=":443"; ma=86400
221a5a398da89ace8729d1cd3c481ec7.json
services.vlitag.com/obj/1697530914/ 		38 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/obj/1697530914/221a5a398da89ace8729d1cd3c481ec7.json?cc=DE&hn=https://securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37f91e72a57b5c130fec3e6c66b507d9491e279a49bc775b788f2b3d47efce70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Oct 2023 08:23:00 GMT
server
cloudflare
age
15997
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
81790b2ede3ebb79-FRA
alt-svc
h3=":443"; ma=86400
choice.js
cmp.quantcast.com/choice/pCNAReJk6bG2R/soamaps.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/pCNAReJk6bG2R/soamaps.com/choice.js?tag_version=V2
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2ed80b537e658858b2ebe3ebb7a8ff5fdb21089766a68419c0fc28153daac66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:55:33 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
last-modified
Mon, 11 Sep 2023 08:21:18 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
58
x-amz-server-side-encryption
AES256
etag
W/"80be8c66218699faf47d6f2ee2c359c1"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
xsjWq2W6GKB0ARoDmvVKGDVbNhx2MM9DsB8odbZnC1IUGLcPIqRCSQ==
prebid-7.48.0.js
assets.vlitag.com/prebid/default/ 		561 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 08 May 2023 07:36:47 GMT
server
cloudflare
age
876409
cf-polished
origSize=575587
etag
W/"6458a68f-8c863"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
81790b2f3c6d18cd-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 07 Oct 2023 10:59:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b24a8da584d97617113c00754e876f3cfd7c937275d37f253488d48781bc3e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29154
x-xss-protection
0
server
cafe
etag
926 / 19647 / m202310120101 / config-hash: 18273808332962768134
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 13:56:13 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126235
x-xss-protection
0
expires
Tue, 17 Oct 2023 13:56:13 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
age
876408
etag
W/"5dbbbcf2-9806"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
81790b2f3c6e18cd-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 07 Oct 2023 10:59:23 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:23:42 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:49:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1952
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
BpZ_xcp-pONf1qXYddaBz38Vl1stSGlb9WAceTwks4XOH1vXWPF4OA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 04:36:58 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
33556
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
_PPYBa-s0Q0o8_sTdMcvJp5c_VtaStAAszHFfsBFwlOFzqOrXariiw==
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/pCNAReJk6bG2R/soamaps.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 24 Oct 2023 13:56:13 GMT
cmp2.js
cmp.quantcast.com/tcfv2/ 		160 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=soamaps.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/pCNAReJk6bG2R/soamaps.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
056c8acee66105032f878177b7d8925e6abffd1fab079c0b8c69322d86413214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:14:55 GMT
content-encoding
br
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
2480
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Thu, 28 Sep 2023 19:02:48 GMT
server
AmazonS3
etag
W/"fc4e55a5d8f4ef863759040ad9a735b2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
j4dU6AyAaOdv-47TA5Zw-bqNdNxGRWQFdIrG54JznwPTWFamyrgKRA==
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=soamaps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7600:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2777728b6a843d0c9f4cf48ee4ae0d6578ee7c565c15c32c29e48640893d52ee

Request headers

Accept
application/json, text/plain, */*
Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:00:40 GMT
x-amz-version-id
RmBAvo2GdAadPfN30SZARmFQmvGShfQI
content-encoding
br
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
39334
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 11 Oct 2023 19:52:29 GMT
server
AmazonS3
etag
W/"aa4d81007eaebf13941b812e0f4690d2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
RbSo3i1UUOK148w1ZYZe-p_-77SrHX8MeYIcBh-ELIRWP3X8Rx_n6w==
rules-p-pCNAReJk6bG2R.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-pCNAReJk6bG2R.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:5a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f76335e8788f66c0efc72c2d0db22496f8983e7ce66aaaa7c179f65fa08e5dae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:33:49 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1346
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Mon, 11 Sep 2023 08:08:12 GMT
server
AmazonS3
etag
"6436459cd8f96c5ded3826f77d21a550"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
8rkaSSzktQyp5I6cDLd2us3Av1dJ-IaL07k5-WVYKXwXZhOH7K6byg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:46:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
11384
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134870
x-xss-protection
0
server
cafe
etag
11169537383484699631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 16 Oct 2024 10:46:29 GMT
9cf0c4f1-7630-476b-9141-f4472e005192
config.aps.amazon-adsystem.com/configs/ 		537 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-30.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:00:14 GMT
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
3359
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
Wx5ZHnfu3SI3xTc0bE9yYcRZnwF7IQA6Ei2DN-x2AjbfecyoUtUXNw==
config
c.amazon-adsystem.com/cdn/prod/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsecurityaffairs.com&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 09:37:02 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
15550
x-cache
Hit from cloudfront
access-control-allow-origin
https://securityaffairs.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
pf9J2kzLIMPeCk42dMvlJWqMPuBa-gGtuWlcOJl8gEVlPsEErsaTGA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231017
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645ffa5e4bd7d2398eb0639ad31670b6d7fb6c873fa2377d544f69388e932b16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35720
x-jsd-version
1.0.1845
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7027-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-ZRuZ9/NQ5klnEdrmGlNAHko4Jaw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNbYCMO2vIDzrQqga7F%2FoBQqlGuPuH5mhfj72%2BSvNtXDIjyk%2B4zJa5B54LWUmQ7m4rcLMxrJUOo2jXPv92fe9BYEpTx3eKkJ1xSKXLAlnFBrwrbNK5iU%2BXFDbfTi5htbL5t8YwAmxFCHqpCn2Gc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81790b312a9565b0-FRA
tf-v1.jpeg
px.vliplatform.com/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/tf-v1.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTMPaKTyB-eeBr-PPqP-MKwy-trYKqrYrUZyaRzyzNhqut_cotvRws0NA
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Oct 2023 13:56:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0gZCMbMsKvMH5fmmIc%2BhpFmVkQ56ny3WvzIT7vznkj1qh7i6sd%2FUEeWkjGDxJKX%2FnUsAA9K6SUaaee3Mdxk4nUS17Pp3SdpHA5k4WWN6RpQNIven8Fo0e%2FsnrvGZLeAfnN613LZPeUna2jBsnG37w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
81790b317f095d5b-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNKYKBerKt-MaZt-Pqaw-wAat-MaTMYMUyTAKrRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNTAaPYTRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Oct 2023 13:56:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwjToMKtORsx1znyysPl0A5qucXoX%2FfXqx%2ByXlRtpgNce68wJdBaPdtFYLHLZ2fWRnIu1M7fMvP5%2B%2BbnHFhu4iIMW2%2B5E9aqUALRmMM5vQ%2FMvgzVQDsCiF5OTr%2FhbBueUuVb7yvnZsh9oyIw2ALQyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
81790b317f075d5b-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNyAAUBAKB-rPqy-PZUr-wTqt-ryMZZtrKyqwPRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNTAaPYTRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Oct 2023 13:56:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxwFACKJLJ2te5fZB24O4XKFx%2FDmQfRlnKNQk3vO7f40R0taYkmsq%2B4SA1AyCnVrXrG65dTS5k2eYrelNqYyU6YKLx%2FpDwr3XZq0c4kDkisV1g12fmttMSQqPI05IIZ0TrCazFg4Fq7EMg80m0S54w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
81790b317efd5d5b-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNqeMArBAA-BTZP-PqAA-MMAw-tTUyweZwrMZZRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNTAMBMBRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Oct 2023 13:56:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiyHQNJJE7lk0aJuDNGzO%2FW1cr9rrdbLpUIjLIXC1ykknf9aTkLx73Uz3jjuBiRcVtzm3opbIST8hIAG5bDloldbNI%2BXEnAJSc0d5Y05Dr9K1oiZFXYe1fBumM9a5q7tbc%2B90HadjCg8I2IHwPe6mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
81790b317eff5d5b-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNeBeUqUaa-UAyy-PwtB-arKr-qeUPqBwweKPaRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTAMBMBRleNplR_yszuNyqslt
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Oct 2023 13:56:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBogTSXzNShQ0XNHur63bSgKN2KeozOH%2B6ID2x09SmauLNE4Qn40G2DoNficGnirerVaiyefY3B5aFt1MnWaVJXhRtqpJBMzC0ubjRa3F7FXsNK%2BjCqmZboDE9SSsjENPirWJBdt5VizXO6rYKqAew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
81790b317f035d5b-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cmp2ui-en.js
cmp.quantcast.com/tcfv2/48/ 		280 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/48/cmp2ui-en.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=soamaps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46af09a4b95a6d4752b77f2644420d30923309dde813616ddd982ad2791fb570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:50:53 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
115003
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Thu, 28 Sep 2023 19:02:13 GMT
server
AmazonS3
etag
W/"536ccb89e71d91899cbb40217285c9c4"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
4qpfuphmr5_9Gjgo-np3lJ30ZXF9Kw_5TjMfPq9s9zjYw3O4dYASBw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html%3F_gl%3D1&pid=IujgAg2fbgI0z&cb=0&ws=1600x1200&v=23.919.1525&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_24493109421_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A109421%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
EKB15JZZFETNS19ACH1N
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
lcJRzGFDic2Wew1m9XZTmEt0bCSYba3tDQF1Z1fHheV1fjumxR4zaA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html%3F_gl%3D1&pid=IujgAg2fbgI0z&cb=1&ws=1600x1200&v=23.919.1525&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493108383_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_24493108383_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
A9QAVR95200H5S5A3457
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
1S3I7Cwt1O3BguG3wQ1n1OooxFXDubGG08KpQ3gMd94wXw64DvyKLw==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v3/ 		514 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=soamaps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
595572403ed3e55eb4508037f1fc712947c2dd503124ea8150038a5a21a6b698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 23:59:25 GMT
content-encoding
gzip
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
50219
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 12 Oct 2023 23:59:12 GMT
server
AmazonS3
etag
W/"3401f08477eaf9236fd5409e3d968dfc"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
x-amz-cf-id
L6RW956RRFnArWYHwqn0N4S_8_VEu5rerGITacLMzgNFHvV-3Rznmw==
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		141 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=soamaps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f058511b904de35902f814231968fab5d08b56ce444e3fdefa0d33e9cf1ec5be

Request headers

Accept
application/json, text/plain, */*
Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:00:28 GMT
content-encoding
br
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
39346
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 17 Oct 2023 03:00:26 GMT
server
AmazonS3
etag
W/"1e4d3cb991895e0ec4cdfbc78091c44d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
5BaJpFqVYM0D4hUgSBJqNdKEhuZaD1SGAgR2bPA3Q1Y41H1WWIGSZw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html%3F_gl%3D1&pid=IujgAg2fbgI0z&cb=2&ws=1600x1200&v=23.919.1525&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493107667_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A107667%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
95F3E9NNBZKDRV0AMQ18
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
LRzVPHbMsF1QF2pO5mi0n7fRf-b4If_jBBAG2d2__538dz2jCBuxrg==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTaUqMUYM-Uyra-PKrU-aAYr-UerqAPqUwwqyRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZA,YZAbYZARrdzNqdqmgfRwkjNARmNTAKUUKRleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Oct 2023 13:56:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvPmV%2Bb%2BqQEISKKIITaHKYJaCcD8HvEj2yXZxKGbqM%2FwzN8pKKrbCtXuq6ELoOHXeMoMW4IKuJ7blqxqMQELRCk6F3X4%2F1hkO%2BCnpIm4TvfguHOozmiFj5d6wwGBoVLDWZphs32eAhDXNzYE7dMHfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
81790b317f055d5b-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html%3F_gl%3D1&pid=IujgAg2fbgI0z&cb=3&ws=1600x1200&v=23.919.1525&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493111310_1%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A111310%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
1BY7GCG7JFVJPNE9GNSG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
afJcERNxBtHGfB65MFT_93Bu7Z6_X-_IC3sq5l7IHgbtR2WQ7KkflA==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTABYArPr-Kewq-PTPM-wPZT-TPyaUZPaTTrYRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNTTTBTARleNplR_yszuNyqsltRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Oct 2023 13:56:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4y30htKAOMQqvAcd3HWKXQnRrVLfkbWola8t68LvJo%2FX7u7hb%2F396obMNcf%2FLs1J9r%2Bf0CiZ62ivE0FPgnm6iiUtB0OPAuL5WKGtD0pisxnWLx8FN79leIbupeEOY78yMZpGPz0breqMZL50XHAqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
81790b317f0a5d5b-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22pCNAReJk6bG2R%22%2C%22domain%22%3A%22securityaffairs.com%22%2C%22publisher%22%3A%22Privacy%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.48%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22r%2BMOJ0bEosHXO9%2BmuMZCZA%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1697550973708%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-2uowcgb5dtskxtheluv7%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/48/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.12.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-12-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 Oct 2023 13:56:13 GMT
content-length
2
content-type
text/plain; charset=utf-8
refill
securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/ 		2 B
635 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/refill
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://securityaffairs.com/152569/malware/redalert-rocket-alerts-spyware.html?_gl=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cf-edge-cache
cache,platform=wordpress
date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
allow
GET
vary
Origin
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zS8%2Fi0BHdE%2Bj4De85VGL3idCvnKs4jET1jk7JSk0B5msDMywRXSbSKzLZWQv1vlL%2FWxxLl0F1MHHBbEMUOFfX2%2BlaIM0OjxVQPcH7NchLVWz5ZGxfyMTiN9EuopRERFqX%2F5n%2BtOudVB7AsF8rLEIi%2Fl"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
81790b328a2968f7-FRA
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02caf68f9f12893657a05ab9172f53c20bb0ce0e761d2072aff16802994419c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12072
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 Oct 2023 13:56:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A4CF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7245
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 11:55:29 GMT
expires
Wed, 16 Oct 2024 11:55:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4441 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4f730efbdcee9c231a179029cf709b751b8f6a950a2a1193fa96e0574c33db53
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QZlhdoT03BHgFEXbNWFacg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-QZlhdoT03BHgFEXbNWFacg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:56:14 GMT
expires
Tue, 17 Oct 2023 13:56:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame A4CF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 10:29:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4441 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=615959684957671&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A4CF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uJv09w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:56:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=615959684957671&bg=!dXaldjnNAAbFpEfJ5aQ7ADQBe5WfOBrbZpTlKbfpMUdx1AzuX8M69sUG2-AafCg9HM7mfmYQ70pgqL-hpwXzgDyRDaypAgAAAFhSAAAABWgBB5kC2_lvHSuEp9RVuUThmxN0AU-Y6XybbM0dr5G1pbmktGSy1-__S4_L-_9e7BYoqrxcHsVVafXBZZvDNaQYiRMM7Ksi1R7G96ngRPIoGu6PYNgd94YWR2WGkgEWinDoiwZgjVG-lSMzz-a9HiPGEcG7ZH87GBk7Hoxl4sP8pGkdcstl2K5ERK-DcHilT6ldtbN7P3merLiIfi3skW8g5uG5nCvyhpunDh-f8ulKMyCHtGm_NHCNY2FUsPMcdKmdn4xyW17nx8YnEo6vjLPnOcGRVx8ibJVFEoA2IVoV-h4QbSulAFzKn3p0CWrxZ9Fb4u1gSZk5ssCztdvMWhhTWAPy677FOCy4p9TqFuFzt0PckVb3ajWjiWiX3HYnXqyX_Q5JCZP95hXNaPIHfw5XXbK575Yv0NpXM4P3pNcbAG15GDJ7U0A7feEcAz1lCRBP1ggpGOMI3IDEwKl6MbVGMap7JyZ8qSdpe__adb-1TQhItRnzJ90_OTfxckJrZlPOynibsnYcvmVqo6M-KUHlxIVtjOhDPrN4eT79joDZtZpeEdSPj8GFj_2v7jy2EAPOlOT6hHDSLWzGhWHR2bG5uRa56EoeXFtb2atcjdrNK80Tpajs2sv86ujuBfOj-NtG4nChO93CtxW0ui2-w_EllNZIE4MTRFM8s3v1kmLDOkHSwe_QaIkMEidVSZrcwkhJ9OfQjELYS3duC_qHu_UNLphbOMcdN9SDJm-gXJx6AN762Ti7nqjeS-oPtV12MOgv68kurndWCx3MaKeQ5hot0xVm2VgGC2WBWKfSUawSowoNOdpkUfo3x1_K5yld3EU7CeKc-sRHFIk4yeqsw9pl_sq4yjkAux09aM3zNBiSl-DLKlbbb05RdmfmouKKVdDMBPmixlWFJniBKH5O2KikvCZFkwiFKrCrxiyLYiBLwuVrdFHWC3xipSrdBHr-9X0ZSgJfn8OONv4QI0KlnCSD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue function| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields function| gtag object| dataLayer object| vitag object| swv object| wpcf7 object| Main number| uidEvent object| bootstrap function| WOW function| moment object| local_data function| IsEmail function| commentliked function| commentdisliked object| _stq function| st_go function| linktracker_init object| wpcom object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| regeneratorRuntime object| _PBCFG string| tagApi object| viAPItag string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal string| google_user_agent_client_hint object| twemoji object| wp object| gaplugins object| gaData function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| getEidsByVLI function| __tcfapi function| __uspapi boolean| __VLICMP object| $sf object| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| _aps boolean| apstagLOADED object| apstag object| _qevents object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog function| __tcfapiui function| quantserve function| __qc object| ezt object| _qoptions object| googletag object| observeElementInViewport object| apscustom string| cnsntv2 object| GoogleGcLKhOms

11 Cookies

Domain/Path Name / Value
securityaffairs.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
securityaffairs.com/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.securityaffairs.com/ Name: _ga_NPN4VEKBTY
Value: GS1.1.1697550973.1.0.1697550973.60.0.0
.securityaffairs.com/ Name: _ga_8ZWTX5HC4Z
Value: GS1.1.1697550973.1.0.1697550973.0.0.0
.securityaffairs.com/ Name: _ga
Value: GA1.2.422661789.1697550973
.securityaffairs.com/ Name: _gid
Value: GA1.2.1872421948.1697550973
.securityaffairs.com/ Name: _gat_gtag_UA_59069958_1
Value: 1
securityaffairs.com/ Name: __ppIdCC
Value: aexuritywddwira_xon210.7559.73689
.securityaffairs.com/ Name: __gads
Value: ID=6b6a2d9f3b6e887c-22d59e48efe200fd:T=1697550973:RT=1697550973:S=ALNI_Ma4wPJMj4nmP3x_Jz6KicfO-hXQHg
.securityaffairs.com/ Name: __gpi
Value: UID=00000c9b6cfd9a91:T=1697550973:RT=1697550973:S=ALNI_MbvByRrlJvvEvPvLoFAJoCRZRlVfw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1697543773&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F152569%2Fmalware%2Fredalert-rocket-alerts-spyware.html%3F_gl%3D1&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550972955&bpp=3&bdt=462&idt=258&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=177246528972&frm=20&pv=2&ga_vid=422661789.1697550973&ga_sid=1697550973&ga_hid=698976237&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31078702%2C42531706%2C44805112%2C44805919%2C31078297%2C21065724&oid=2&pvsid=615959684957671&tmod=254611828&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
assets.vlitag.com
audit-tcfv2.cmp.quantcast.com
buttons-config.sharethis.com
c.amazon-adsystem.com
cdn.jsdelivr.net
cmp.quantcast.com
config.aps.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
imasdk.googleapis.com
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
platform-api.sharethis.com
px.vliplatform.com
region1.analytics.google.com
region1.google-analytics.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
securityaffairs.com
services.vlitag.com
stats.g.doubleclick.net
stats.wp.com
test.cmp.quantcast.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
108.138.1.25
13.32.27.7
192.0.76.3
192.0.77.2
2001:4860:4802:34::36
2600:9000:206f:1800:c:abe:f440:93a1
2600:9000:2127:5a00:6:44e3:f8c0:93a1
2600:9000:2127:6400:9:46dc:4700:93a1
2600:9000:225e:7600:3:a4cd:8380:93a1
2606:4700:10::6816:3bc7
2606:4700:3031::ac43:8cd3
2606:4700:3037::ac43:9e3b
2606:4700::6810:5714
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:80b::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9d
52.222.209.4
52.57.12.122
52.57.180.141
65.9.95.30
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02caf68f9f12893657a05ab9172f53c20bb0ce0e761d2072aff16802994419c5
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
056c8acee66105032f878177b7d8925e6abffd1fab079c0b8c69322d86413214
0576894647aeb40e97127e1fc7f7b1a54995b5c7742ae9dcaa5fe018913d68fa
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
13f680291be4636cf3b205b7ec1b21dc168b5452d0b3fc3971d6dcd61c20f2b7
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2
165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff
170d329a585de03caa379e0e068e08b529ba2d693608db4166c3996328185c06
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1df70b268a34a8036eca2f536d670f59e142b877bf09ad993aec61417c7a4870
1e0352c858984ddb68c11c0b8265ea2ae72ab8d29b4471f888d4cbd95fe881ef
1f643a7b0d142e7eaa9456d38a7a02793897ba216dbd04c9e5e7494867470e69
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2777728b6a843d0c9f4cf48ee4ae0d6578ee7c565c15c32c29e48640893d52ee
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c03404e75c3b5dd3190080d5b678433a88aed86b17fba7685f8a36950414fb8
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f
300214964c9f0376e4a69a233dca8e20ef2657511d866c04f65ea134873897c7
3130f21112b18a291c8326069d81b9b220413df0cee98b58a32390303b83326d
32a42197dc440d45716dd692e63b89b7023bdd66b43d60de83e4de5750c83988
37f91e72a57b5c130fec3e6c66b507d9491e279a49bc775b788f2b3d47efce70
391a145ad46a11041124ef84b4e30bfcc0966ef92d84ca49a48644384eaee6a8
42638cf7ce147ae414ebf639d0c94c85b08018380903afb94e2190b1d4adb317
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3
46af09a4b95a6d4752b77f2644420d30923309dde813616ddd982ad2791fb570
4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f730efbdcee9c231a179029cf709b751b8f6a950a2a1193fa96e0574c33db53
51e18fa3a179268df5763ae93f237dfa9ab4733b4e2791fe3cfeecca702a8832
5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2
52f5e657405d02f0ab9761d8c352e50ddf0329275461a34ad512267f3b06c4db
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5699ad7475ee8e4508c287ffe1f6a0dad33f08f13c63eaec0fea3790d6efd3f4
595572403ed3e55eb4508037f1fc712947c2dd503124ea8150038a5a21a6b698
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
61b5d4f52ec96a0aef85f731e618cb627749775534ae86976446f42350757392
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645ffa5e4bd7d2398eb0639ad31670b6d7fb6c873fa2377d544f69388e932b16
65667ed82728c49377772bfb79241ca88554cef175f7102845fc26885bc94633
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
73118f58510f80a1610100bd3dd56ef7328382a477a0430004be5b76e9a724dd
732fe1ff87d948c44d6d26af7aa89d8e1eb9eb8e00c372dadbacb51c0ba5865d
733db7ae4355ca413513d02711f452b7fbdc0794b1012d98b9642cff49ff8488
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
79ef2c493105913ae8a012433b49e73fec9f4e3dfaf70723bcf66c3e3e0e09e9
7a65e356551523b3a3222147ddb49ea4dad9b21d38a9b590effd45d55fc94d03
7b24a8da584d97617113c00754e876f3cfd7c937275d37f253488d48781bc3e6
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
804aa2016958413450a7751d3d63ea718f0ed5c5af48b65d765adf9ab2f1b139
811fd563577fcee718d9d8a580057ecc1d2cce675ef78a2f3acc9ed9957efe81
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501
84e1de7132433ebaa0845af00ce1812287ba004d8288bf78b455f1d9f494f2ab
86b26cecf6c5f789c87e37e75d51732a215f9afd93b994daa1a64178f03aa9c1
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6
8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f
95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a0edce8eaf23a52a5b84a7e7e20f2af6a5220cde29020b33ea1401a8ba31977d
a21e3d4b193d36cbfab4d9cb007c5f531c86b7c3d5fbadc0ea2a20296330d536
ac825c2e7eb874cfe862111097aa63158b575df11b0ea342814a5bc55f450b66
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b253964206a6ce075557f8735e7b57268338885e821f317bc63c6616e75c7b60
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bd15935ad0b90e90ce6df3679fecec206da9fce762f2c35c132db215c78233da
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
c1bd4f5d04adb957951ef7f662e225da10885757a8f87631f24f410c2ec30cb1
c2d044f8521e3075f2ad58f32c4dc926a1cb184a5e270fca225c6638abffd445
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaade0e5f063f06ba9ec0303b6e2cf134e7e7ddedce6b51813880fe52bbb5de2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f058511b904de35902f814231968fab5d08b56ce444e3fdefa0d33e9cf1ec5be
f0a1226e1c24e627edad8ff771a9fe2740f08e5b247e61b852fb8befab0ba205
f2ed80b537e658858b2ebe3ebb7a8ff5fdb21089766a68419c0fc28153daac66
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
f76335e8788f66c0efc72c2d0db22496f8983e7ce66aaaa7c179f65fa08e5dae
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d