URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Submission: On November 01 via manual from JP — Scanned from NL

Summary

This website contacted 30 IPs in 4 countries across 19 domains to perform 150 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.dmnews.com.
TLS certificate: Issued by WE1 on September 3rd 2024. Valid for: 3 months.
This is the only time www.dmnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
83 | dmnews.com | www.dmnews.com; images.dmnews.com | 521 KB
9 | adthrive.com | ads.adthrive.com (Cisco Umbrella Rank: 6639) | 578 KB
7 | consentmanager.net | b.delivery.consentmanager.net (Cisco Umbrella Rank: 27684); cdn.consentmanager.net (Cisco Umbrella Rank: 16023) | 128 KB
7 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 34); region1.google-analytics.com (Cisco Umbrella Rank: 3643) | 22 KB
7 | skimresources.com | s.skimresources.com (Cisco Umbrella Rank: 5242); t.skimresources.com (Cisco Umbrella Rank: 5359); p.skimresources.com (Cisco Umbrella Rank: 6587); r.skimresources.com (Cisco Umbrella Rank: 4927) | 21 KB
7 | direqt.ai | chat.direqt.ai (Cisco Umbrella Rank: 100695) | 9 KB
6 | jwpsrv.com | assets-jpcust.jwpsrv.com (Cisco Umbrella Rank: 4534); videos-cloudfront-usp.jwpsrv.com (Cisco Umbrella Rank: 6646) | 2 MB
5 | optable.co | raptive.solutions.cdn.optable.co (Cisco Umbrella Rank: 8145); raptive-auth.cloud.optable.co (Cisco Umbrella Rank: 7603); raptive-test.cloud.optable.co (Cisco Umbrella Rank: 7978); ads.optable.co (Cisco Umbrella Rank: 7876) | 26 KB
4 | jwplayer.com | cdn.jwplayer.com (Cisco Umbrella Rank: 2532) | 2 KB
3 | doubleclick.net | securepubads.g.doubleclick.net (Cisco Umbrella Rank: 215) | 183 KB
2 | googleapis.com | imasdk.googleapis.com (Cisco Umbrella Rank: 501) | 145 KB
2 | confiant-integrations.net | cdn.confiant-integrations.net (Cisco Umbrella Rank: 1693) | 182 KB
2 | scorecardresearch.com | sb.scorecardresearch.com (Cisco Umbrella Rank: 170) | 5 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 175 KB
1 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 116) | 14 KB
1 | 2mdn.net | s0.2mdn.net (Cisco Umbrella Rank: 364) | 17 KB
1 | criteo.com | gpsb-reims.criteo.com (Cisco Umbrella Rank: 8839) |
1 | gravatar.com | secure.gravatar.com (Cisco Umbrella Rank: 2302) | 1 KB
1 | raptive.com | affiliate-cdn.raptive.com (Cisco Umbrella Rank: 33841) | 50 KB
Total: 150 requests, 19 apex domains

Requests | Domain | Requested by
75 | www.dmnews.com | www.dmnews.com
9 | ads.adthrive.com | www.dmnews.com; ads.adthrive.com
8 | images.dmnews.com | www.dmnews.com
7 | chat.direqt.ai | www.dmnews.com; chat.direqt.ai
5 | videos-cloudfront-usp.jwpsrv.com | ads.adthrive.com
5 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com; www.dmnews.com
4 | cdn.jwplayer.com (1 redirects) | ads.adthrive.com
4 | cdn.consentmanager.net | ads.adthrive.com; b.delivery.consentmanager.net; www.dmnews.com
3 | securepubads.g.doubleclick.net | ads.adthrive.com; securepubads.g.doubleclick.net; imasdk.googleapis.com
3 | b.delivery.consentmanager.net | ads.adthrive.com; www.dmnews.com
2 | imasdk.googleapis.com | ads.adthrive.com; imasdk.googleapis.com
2 | cdn.confiant-integrations.net | ads.adthrive.com; cdn.confiant-integrations.net
2 | sb.scorecardresearch.com (1 redirects) | www.dmnews.com
2 | raptive-auth.cloud.optable.co | raptive.solutions.cdn.optable.co
2 | region1.google-analytics.com | www.googletagmanager.com
2 | r.skimresources.com | s.skimresources.com
2 | p.skimresources.com | www.dmnews.com
2 | t.skimresources.com | www.dmnews.com; s.skimresources.com
2 | www.googletagmanager.com | www.dmnews.com; www.googletagmanager.com
1 | assets-jpcust.jwpsrv.com | www.dmnews.com
1 | pagead2.googlesyndication.com | imasdk.googleapis.com
1 | s0.2mdn.net | imasdk.googleapis.com
1 | gpsb-reims.criteo.com | ads.adthrive.com
1 | ads.optable.co | raptive.solutions.cdn.optable.co
1 | raptive-test.cloud.optable.co | raptive.solutions.cdn.optable.co
1 | raptive.solutions.cdn.optable.co | ads.adthrive.com
1 | s.skimresources.com | affiliate-cdn.raptive.com
1 | secure.gravatar.com | www.dmnews.com
1 | affiliate-cdn.raptive.com | www.dmnews.com
Total: 150 requests, 29 subdomains

This site contains links to these domains.

Domain
phonexa.com
www.facebook.com
twitter.com
pinterest.com
facebook.com
www.linkedin.com

Subject | Issuer | Validity | Valid
dmnews.com | WE1 | 2024-09-03 - 2024-12-02 | 3 months
chat.direqt.ai | WR3 | 2024-10-24 - 2025-01-22 | 3 months
*.raptive.com | Amazon RSA 2048 M02 | 2024-06-05 - 2025-07-05 | a year
*.adthrive.com | Amazon RSA 2048 M03 | 2024-04-05 - 2025-05-04 | a year
*.google-analytics.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.gravatar.com | Sectigo ECC Domain Validation Secure Server CA | 2023-12-05 - 2025-01-04 | a year
*.skimresources.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-01 - 2024-12-31 | 6 months
skimresources.com | WR3 | 2024-09-18 - 2024-12-17 | 3 months
b.delivery.consentmanager.net | R11 | 2024-09-10 - 2024-12-09 | 3 months
1376624012.rsc.cdn77.org | E5 | 2024-09-05 - 2024-12-04 | 3 months
*.g.doubleclick.net | WR2 | 2024-10-07 - 2024-12-30 | 3 months
raptive.solutions.cdn.optable.co | WR3 | 2024-10-23 - 2025-01-21 | 3 months
join.ca.optable.co | R11 | 2024-09-12 - 2024-12-11 | 3 months
ads.optable.co | WR3 | 2024-10-08 - 2025-01-06 | 3 months
jwplayer.com | Amazon RSA 2048 M02 | 2024-09-25 - 2025-10-23 | a year
gpsb-reims.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-09-24 - 2024-12-25 | 3 months
confiant-integrations.net | WE1 | 2024-09-09 - 2024-12-08 | 3 months
upload.video.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.doubleclick.net | WR2 | 2024-10-07 - 2024-12-30 | 3 months
jwpsrv.com | Amazon RSA 2048 M03 | 2024-02-17 - 2025-03-16 | a year

This page contains 8 frames:

Primary Page: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Frame ID: 0201E28F904459798E0AD5C8EE22D7CC
Requests: 149 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9424930059495209
Frame ID: 0C403442797224EF8B5A9A9D36C6708E
Requests: 1 HTTP requests in this frame

Frame: https://chat.direqt.ai/chatbot/6634e43e0e65d93c784daeca/embed?referrer=https%253A%252F%252Fwww.dmnews.com%252Fsekoia-uncovers-new-google-meet-malware%252F&layout=overlay&storyId=https%253A%252F%252Fwww.dmnews.com%252Fsekoia-uncovers-new-google-meet-malware%252F&disableUiExtensions=true&searchOnly=false&strict=1&startHint=poll
Frame ID: 43B8512647B4A782D2A3DC4A1C3992E2
Requests: 1 HTTP requests in this frame

Frame: https://ads.optable.co/ca/paapi/v1/dsp/ig/join?origin=ace043bf-d78b-4e55-8524-b954c73c1225&vid=v%3A63BRfvsKkYJd6L6hLO0kBW
Frame ID: 0419622AFDF3F7AC1B57ABFB0B4FD8D5
Requests: 1 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/3e2371f/html/i.html
Frame ID: 59EC41D666CE56D1AEF739ED38DC5C54
Requests: 1 HTTP requests in this frame

Frame: https://gpsb-reims.criteo.com/paapi/join_ig?advertiser_id=500002_500329&ig_name=r6NnpiEx
Frame ID: 4557E4AD4CE9C75E436662E6D786F70E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.675.2_en.html?gdpr=1
Frame ID: FEBB20346ED29B3F1E8272CBF21847C4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 177121A100F4071411EE30296431AF06
Requests: 1 HTTP requests in this frame

Page Title

Sekoia uncovers new Google Meet malware

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 150
HTTPS: 98 %
IPv6: 34 %
Domains: 19
Subdomains: 29
IPs: 30
Countries: 4
Transfer: 4579 kB
Size: 9608 kB
Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 128
  • https://sb.scorecardresearch.com/cs/6035453/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js
Request Chain 140
  • https://cdn.jwplayer.com/v2/media/2SCwPehb/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/i441fzmp-720.jpg

150 HTTP transactions

date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf1387d0e31-AMS
access-control-allow-origin
*
server
cloudflare
block-slider-gallery.css
www.dmnews.com/wp-content/plugins/canvas/components/slider-gallery/block/
747 B
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/slider-gallery/block/block-slider-gallery.css?ver=1635269593
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bd0b913e4b1da553acd1a4a7b368e157ea6bc9161e93f86f2543eec62948c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-2eb"
age
587891
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2F28PDdIOENwz%2FuzjEy13EthWedOOFZ9vcgjLdYxM1gGYMRobq0TeWO7kYLkLds%2F%2FqI473UUzemQRdkFn99gKkiepB7%2BgVsntb8HVZzSkYgSWwuXSoKl1knX1froc3SVxw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 05:15:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=75&recv=80&lost=0&retrans=0&sent_bytes=74784&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf1387e0e31-AMS
access-control-allow-origin
*
server
cloudflare
block-posts-sidebar.css
www.dmnews.com/wp-content/plugins/canvas/components/posts/block-posts-sidebar/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/posts/block-posts-sidebar/block-posts-sidebar.css?ver=1635269593
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58d479787605c9e219e7dffc1f9e015f7946ae68e6ec23c5ef5ddb49df5a5dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-ef4"
age
22133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dlIzuhxyu%2FCDE05m5dW5Ev8X3QWcHW%2FfDBmeGCj%2FN62%2FgVtDMuA3Q6cofYP3Ly9FBfFPtJhWLacTh2E4qe2ZT6gzldh%2BTMHXZkLnUvP9G53Mh5NGnAW9bhEGyRSZ%2BPGNAA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=75&recv=80&lost=0&retrans=0&sent_bytes=74784&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf138830e31-AMS
access-control-allow-origin
*
server
cloudflare
advanced-popups-public.css
www.dmnews.com/wp-content/plugins/advanced-popups/public/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/advanced-popups/public/css/advanced-popups-public.css?ver=1.1.9
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c670bf4ea63ed9c8f8d6db0ed773d783e7eb47ca0d786072c5a7291fb3575ad0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"664d06f1-322e"
age
579080
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bu6i1Ris9z5dCT3pEsvKBg%2BNuQ8d%2BnEBZGZqskLmBNAhkAGt6KBuxeQxeslx8x1qGgic5iwgOKiwrt3ltqacpQIk1lx8%2FSlP4NKnITsSTmxQKZxDrC07qx75XQvcMYov%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 07:42:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19333&sent=65&recv=39&lost=0&retrans=0&sent_bytes=63233&recv_bytes=10889&delivery_rate=787648&cwnd=27300&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=427&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 21 May 2024 20:41:21 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf138850e31-AMS
access-control-allow-origin
*
server
cloudflare
block.css
www.dmnews.com/wp-content/plugins/canvas/components/content-formatting/block-heading/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/content-formatting/block-heading/block.css?ver=1635269593
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d0164cbde5631e2e6d5d3d461827f6342d43383fc8d38125012d364ffec65d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-ea2"
age
22133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BkTNNBL%2Bo8LiQHklRp%2BeGmKI%2F1i0CRPe8ZUQFuxZv7jVz3zIfG9MnKbQSYrKELafPiM2Ow6VkSzRy6duqlrUXnEoaFM%2BXMOv9VUGw0LhfAliGvZ82w5Qt2AVqLNqh8klVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=75&recv=80&lost=0&retrans=0&sent_bytes=74784&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf1588f0e31-AMS
access-control-allow-origin
*
server
cloudflare
block.css
www.dmnews.com/wp-content/plugins/canvas/components/content-formatting/block-list/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/content-formatting/block-list/block.css?ver=1635269593
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1cce2164f037d23a6c642ae6f9dd7ef6ccab056b7b1ff88df0f54759b7748bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-1279"
age
79133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ICF1W80%2FHJxhezODuKjrfno9oIIzcAlDr3ZXPnBFM5OqmtG%2FQofGUEuK0Q95GHLqM21Yr9o5fnKeFvGnw5HnU23xZrCsQQ9QO9BpdmQePFnXw33VW%2B8%2BzUA6fITP0ehamg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 02:35:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=75&recv=80&lost=0&retrans=0&sent_bytes=74784&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158900e31-AMS
access-control-allow-origin
*
server
cloudflare
block.css
www.dmnews.com/wp-content/plugins/canvas/components/content-formatting/block-paragraph/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/content-formatting/block-paragraph/block.css?ver=1635269593
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20cdb567a5734aacc93a928b450d370b42eee05664df757622798bc330775d39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-ddb"
age
22133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FUc%2F0FmjbWZ0eHUNZ4px1%2FcEngC8o63xfKoRZPTwHv0gqUI8S5Qao9c35l6TUoF6wO3BpRlM3Rub7Fi5cHo5j4pa7XaN14m9D0XkZ5jHC5eJLcwujIMsZfGjNeDCK2Jow%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=75&recv=80&lost=0&retrans=0&sent_bytes=74784&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158910e31-AMS
access-control-allow-origin
*
server
cloudflare
block.css
www.dmnews.com/wp-content/plugins/canvas/components/content-formatting/block-separator/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/content-formatting/block-separator/block.css?ver=1635269593
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90182bb7804c72423286cf956b1c2b3f0d1655d7206ff45c5de72f72e61e54f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-8e3"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VB2Wcedus5%2Bo3X7wIs4E3DkPaSGtaOEcsy7CgJjCXysJxTkpeyL%2Bg2Hd%2FNDgV86D%2BIYSNaSA%2BlTjB3b1moa2aJDhASiHRnEwACniyAzZXqd43lVpLJmpQw3OkD08QayOSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=75&recv=80&lost=0&retrans=0&sent_bytes=74784&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158920e31-AMS
access-control-allow-origin
*
server
cloudflare
block.css
www.dmnews.com/wp-content/plugins/canvas/components/basic-elements/block-group/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/basic-elements/block-group/block.css?ver=1635269593
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1219161aa0b4acbac811198524a7bf6272afae0ae5eec52ddfdbb7fd15081f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-cb7"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KTrpm8b95p3pwVEOKgwV8Bx8AnSaMqJ82t3C%2BKCnfkYI2RxPgyHhiwCgiEls0kDHqb6LgCZucp2hDXiPca7yenraw%2F9OsuRIimGzFyhGrzooL%2BRnxUd9PnrtIpp%2FeOqcuA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=75&recv=80&lost=0&retrans=0&sent_bytes=74784&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158930e31-AMS
access-control-allow-origin
*
server
cloudflare
block.css
www.dmnews.com/wp-content/plugins/canvas/components/basic-elements/block-cover/
636 B
973 B
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/basic-elements/block-cover/block.css?ver=1635269593
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faade092315e8c7c8a038b4080a24ee764f1fcb107db6ca229927e6ca7d60807

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-27c"
age
575004
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QJJQcirAn0%2BR1V2DOJRftyNN9Nc5Okly9IMOW6uWUKfpA2BaWpDFnpwL3AGOkTFB6HzWEpMTR5rFfEfHKyTH0V4QZbO3SyNkmcmpbpv56JYEFpyrv0sK%2FOsd3AN39nRlQg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 08:50:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=75&recv=80&lost=0&retrans=0&sent_bytes=74784&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158940e31-AMS
access-control-allow-origin
*
server
cloudflare
styles.css
www.dmnews.com/wp-content/plugins/contact-form-7/includes/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"633d81b7-aab"
age
22133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8baUVrJUbw%2FGjAkOTU%2FxH9%2BQBw3bcqtCW88BgH7%2Fc2nqCG1tgtGScweM8oc5hvANdQhecOlKQJpi9dmmK8zxNZiqK0uljiTr0nEtQz7oBKcxGnsf4SbHGUKs8PtkAYPToQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=75&recv=80&lost=0&retrans=0&sent_bytes=74784&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 05 Oct 2022 13:08:07 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158980e31-AMS
access-control-allow-origin
*
server
cloudflare
cf7msm.css
www.dmnews.com/wp-content/plugins/contact-form-7-multi-step-module/resources/
99 B
820 B
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/contact-form-7-multi-step-module/resources/cf7msm.css?ver=4.1.92
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
503f9aa8675e396e6feec3369148a12f5c863c5068d573e72a3f2f4d217ac0d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"633d81bb-63"
age
22133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TYfTTYaQGp5WKp5TLTGSxQlGyGkHigr1%2FU%2Fage7ho94G%2FyegE9sOhpWpVmiagt59A4UPEwKKyDfMAhcc7MNPEdGPyHNTcJbk6dVx63CwVydZA1Z5t8Z8HRDz6NcQw5hBhg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=75&recv=80&lost=0&retrans=0&sent_bytes=74784&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 05 Oct 2022 13:08:11 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158990e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-author-box.css
www.dmnews.com/wp-content/plugins/powerkit/modules/author-box/public/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/author-box/public/css/public-powerkit-author-box.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
872b9355e9384f4f8d6b4b83f278a53123c1cdb0b1a0f9fca82a5ae8f23f572c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-99a"
age
22133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yCTIu6sBA%2B8hZEu2YDOnNb9QAF4NWWQfHWMA0xd5GMPj8sisjKAlXBPkp0eCH%2BtM60WE0Yx5LvnL%2BqI40fuRJbEbQyN62LAuTgx4bKGeJ%2FSP9pike%2BioWa7dKs%2BejYosgA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=75&recv=80&lost=0&retrans=0&sent_bytes=74784&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf1589a0e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-basic-elements.css
www.dmnews.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/public-powerkit-basic-elements.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
347f6cd20880fc426f1d7099177d6b448493d2af646dc89fe9a4fe4f5db5cf31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-52c1"
age
22133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9WQmsP40pXSkpE%2BrgX9Cud8JDjb7jbqmcuouSCtntn1Iq%2F5wpBfTNZCbO65K2iqkXj%2FBeQPSKhuPcb704Obu11ldQonqObbeGk1C%2BW3jKivqhhcJVZPSeZiqX3R480n7Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=75&recv=80&lost=0&retrans=0&sent_bytes=74784&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf1589c0e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-coming-soon.css
www.dmnews.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/public-powerkit-coming-soon.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35294f3aea1be84744bb4c705cc6fbe03cd6f1f468ae5731347a52d3acff94e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-57a"
age
22133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uDrqAamVPN3Ub3yajQmVF6ku9E8fj%2Bo9cppXEm%2FxvGNzqrO3LYzrTJiO9gUoyNJtSi3otnMpcfV0f69%2FDuLE%2F5qi0opfhWNOoX4HQG%2F2%2BViVMbIs%2FwJn2Kxyl3YBT%2FpkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=79&recv=80&lost=0&retrans=0&sent_bytes=77683&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=445&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf1589e0e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-content-formatting.css
www.dmnews.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/public-powerkit-content-formatting.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1724646da775a861e2e73ef05aa2c63775da5d1779c51d9b0c8ab7f28bfaa29b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-23e5"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfpWk8o%2BxZGByWWsjYe1f0Qn327yYUv2MOaRmci4PLakJcd4DDfsClyhkzstISBsoCabKfuuCFadBdnfw1RTtiBiJ4RJpXPpzDnuYEnKjHsLbbW6D0MzFyzCPgYxVneaXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=77&recv=80&lost=0&retrans=0&sent_bytes=76133&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=445&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158a20e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-contributors.css
www.dmnews.com/wp-content/plugins/powerkit/modules/contributors/public/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/contributors/public/css/public-powerkit-contributors.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd3358120e9690cdeef256ade204e2a306d28b08abb0aa46b1a40ac55c57fef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-b96"
age
16750
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1WoVWus42Xpu9my%2FqzMhNRT3VA73trt6Uu%2FuMBkZCq8HQXr5RVkCnoTKSYCCZjeWnrvDzUbHxEggwHlh%2Fyx90oXfh%2Bp6HSYR%2Bki93yQrvJNH7q%2F5eOQk8kHnWmi62SYOsA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 19:54:50 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=79&recv=80&lost=0&retrans=0&sent_bytes=77683&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=445&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158a40e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-featured-categories.css
www.dmnews.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/public-powerkit-featured-categories.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
172790fe3c83b2f57db2095b32efe1437d2bfd47b97ed2b5686bc3ec2258c1db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-132c"
age
22133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rm%2BybbRj7RUo9CGa5%2BJepd263vbmObD9eCYFkZFzz2pIVbLbHf9YmqfVWVBgQPDEoAL%2Fw43o3o%2FyhDLgBjpmErPfSMXYjsW4D1Xn2BQAgRQf%2B5F%2BiziHSypLLEEg4vrCAA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=79&recv=80&lost=0&retrans=0&sent_bytes=77683&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=445&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158a50e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-inline-posts.css
www.dmnews.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/public-powerkit-inline-posts.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0364a8643c1531b82bf9d55d51693f899d46fd61afa65a07cd7033e11f4306e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-e60"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRlo23xxpguIkYqsPI3JsSyZUOqSuIFyYs5I4Ic0JHY03A7nWZ08sKR6ZlNdCmdoesGXIEwmWgsAXmh86IgAnQ6MCru4XOxqgxXL%2Bp%2FlbiYURFYRYXbgzWBw98pirff3lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=455&x=1", cfExtPri, cfHdrFlush;dur=3
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158a70e31-AMS
access-control-allow-origin
*
server
cloudflare
magnific-popup.css
www.dmnews.com/wp-content/themes/dmnews/assets/css/
7 KB
3 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/themes/dmnews/assets/css/magnific-popup.css?ver=1.0
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6791f2a6b58b07bfc68f1b5fa0786e108d0deed6184918949b437e0acc547cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617839dd-1afd"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8hfWu5pQfdp45zaR9ho5bdgZ2jPFYTHFlBwHBxFdqM3mDBnsEViFobfF7bFdu%2ByLkCSUMyeeXanMjaixjSAWmKjSKPvQAaGd%2F%2FSq6OixLXWwyXK3A41oBaL7G0e70v0%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=447&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:24:45 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158aa0e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-lightbox.css
www.dmnews.com/wp-content/plugins/powerkit/modules/lightbox/public/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/lightbox/public/css/public-powerkit-lightbox.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e61d072b3fcaa221626725a84ec97eda78b9f921f99837c7441c3d6e2bf28a2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-402"
age
60389
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gUHBqgV1s6eu1bMV%2FOE3htNsiJjzF4vH%2BM0yBGAijAX7F9NUriWvbkRPXxpJIuSR28ZCtSGQo00ofq2YZ3M%2FQUVCBqFNxsKLM3vS%2F5G5CJpPX5Nt0jz1D12Knf1C9AmXmg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 07:47:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=448&x=1", cfExtPri, cfHdrFlush;dur=10
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158ab0e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-widget-posts.css
www.dmnews.com/wp-content/plugins/powerkit/modules/posts/public/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/posts/public/css/public-powerkit-widget-posts.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f781e151f895b59250d716ad54dfbac769b67f0f3e9edd6fd51379b9b46edd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-a9a"
age
22133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cykCwhyV2H%2FC%2Bo4P1aRcJYkmjpoyrB%2BYV5nUBkWspyH51WIZFkO0A1FMA9RMi2NHNcIDotzVPixGt%2BeJQMB1VdrrCfHUIfhYp7Gxl787l0LH9MxQaF3fgcgv%2B5HFuE7Oew%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=454&x=1", cfExtPri, cfHdrFlush;dur=4
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158ac0e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-scroll-to-top.css
www.dmnews.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/public-powerkit-scroll-to-top.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c208f932d9a1c8ea23299037b4a0a8dc08c8746203f2241390b1494aa01ed7d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-44d"
age
14835
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OHXz053w9y3lCIdRUm%2BdsuFp3PRYNC6SSULFPG4imNBtMwiegldIFNuXFQ6NI2Rv2IIgrbfFq389q5OZkXnsmHXxsf58cjpzvkDZGvsSVl76PIIuwz8JNmZ%2ByBXxBonFtA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 20:26:45 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=447&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158ad0e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-share-buttons.css
www.dmnews.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/
69 KB
6 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/public-powerkit-share-buttons.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c12f3da7dd755e23120400c657d80c4413436f630607f00d3039da62ae9a1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-113d4"
age
22133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovnyzjRPif%2FGu1cTrJ1teq%2FSb2rexvlLbWisW8fm3Br%2Flid1NphAUSLXtnmRAuqO1n%2FOeu5j28IDNXeZmneMT6FTMhWAr69SpUjimyXC67%2F%2B1EMDufH0bE8%2FQn7JyJCxNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=448&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158af0e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-social-links.css
www.dmnews.com/wp-content/plugins/powerkit/modules/social-links/public/css/
145 KB
11 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/social-links/public/css/public-powerkit-social-links.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
185093ba5e401a03a400155368c110eb5618c56cc82a4280ce4e5e5c04ce23a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-243f3"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKKALf0NBtj17ZO0q0kCWTgPSnvAirxwwTUi6gOkCKv0315xjW1JCAJJfPup027y496Ux9KV8BasGDZ%2BPuip8uJF5%2F0l6dWzM0533tDzEDhMvmmMYhGqW8cGJSnsXfXUnA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=449&x=1", cfExtPri, cfHdrFlush;dur=9
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158b00e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-table-of-contents.css
www.dmnews.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/public-powerkit-table-of-contents.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df19891eb1979bed5bad1a5b827ee6e1c5766de50b95b375c96f65b64e7d7430

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-dca"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXYxhZsRBqjfoEr5K6gjXtLM4bQVqI2Gs0DEY%2FJOhA9lKB1RUqgLyqIMGeo3VSax9PP%2FkOOdmMD7uE9ERj9lLEmc1%2BiM8Hq%2B3ll7E7KK2DWA5wh50ac%2BLvHz5r%2FMFAWZ3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=449&x=1", cfExtPri, cfHdrFlush;dur=9
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158b10e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-widget-about.css
www.dmnews.com/wp-content/plugins/powerkit/modules/widget-about/public/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/widget-about/public/css/public-powerkit-widget-about.css?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1328007b840201e2485f2d1f6479f510823bbc7ae7ccc6b657d27eedf128fa85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-5d2"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4fle1RJypsUf0cGyfLWExKwYZOkgTvmhPnX%2FB7R2DLjWOO0lnwfkT%2F%2BZ%2B9vIu3Oix%2FSd0NqV%2Bcet%2F3o3MV9l9rMcwtgnBuMXndAlpqg4nV%2BJAcl%2BD0aX6F5EMqbdHDCGA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=449&x=1", cfExtPri, cfHdrFlush;dur=9
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158b20e31-AMS
access-control-allow-origin
*
server
cloudflare
style.css
www.dmnews.com/wp-content/themes/dmnews/
349 KB
42 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/themes/dmnews/style.css?ver=1.0
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97fc18b31a24cb9e84740ba665d082bcd55a4eb017c0c95595bab00d7d98a5ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6480a937-575cf"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XyFRxFORx%2B%2FYLOB3WABslsRvs6FojuUIQYy71kg9pQdu6plBj6c1vBDsNQNznD%2BXOGXug66Yxp28dQk6k01tyXn1D2Z8wG%2FqCkz2hGpkeBfewqy1%2Fgl3M2WluhTJdkwJYw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=450&x=1", cfExtPri, cfHdrFlush;dur=8
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 07 Jun 2023 15:58:47 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158b30e31-AMS
access-control-allow-origin
*
server
cloudflare
style.css
www.dmnews.com/wp-content/plugins/searchwp-live-ajax-search/assets/styles/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.dmnews.com/wp-content/plugins/searchwp-live-ajax-search/assets/styles/style.css?ver=1.6.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4146285bb4496cc9415cba29daf393082e8358fa76d181cce3cee7fe9b960be2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bdb-6c3"
age
587891
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=meIKmCKC%2FMiAuSsUPuju7EEt03Mxrj%2FitG137Ceata28mOAAynNg%2FtIDa1rr7TMoFgMC6W4KVE%2FceOFB6JjYOpNh8ie3OPCdLYe3n%2FKFUwF1Z5RN78bth3n4uGoXrdJ5oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 05:15:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=457&x=1", cfExtPri, cfHdrFlush;dur=1
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:15 GMT
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158b40e31-AMS
access-control-allow-origin
*
server
cloudflare
jquery.min.js
www.dmnews.com/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://www.dmnews.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"654b1bd6-15601"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qPIb6FNRvkuMDSWGZIXGSNghjxejceTt9SmrX4T8u5%2BCN2nPKiViyYNaegpJgWLQ8%2FXpfPxxb7Z29HYcOFrHoE3ih%2B8esRDlGQ7fZqtCQGpZEOvZZNexARjrjnnOPvUSJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18964&sent=128&recv=87&lost=0&retrans=0&sent_bytes=118467&recv_bytes=23036&delivery_rate=580755&cwnd=42000&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=460&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 08 Nov 2023 05:25:42 GMT
priority
u=1,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158b50e31-AMS
access-control-allow-origin
*
server
cloudflare
jquery-migrate.min.js
www.dmnews.com/wp-includes/js/jquery/
13 KB
6 KB
Script
General
Full URL
https://www.dmnews.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"64d32358-3509"
age
98713
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hj5pO39rz%2Bq9xUmkdVD9gHBd8rZNvxY1uQDppmnmw7RDsiQgTwXxiHn%2FiscJlJ0kHEbtZ%2F9A%2FYsz34V%2FSRg1IrCOgmpHPxMbERLHTbuFejPz3%2BEECf7jJloSFTaYvU9B6w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 06 Nov 2024 21:08:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=450&x=1", cfExtPri, cfHdrFlush;dur=8
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 09 Aug 2023 05:25:44 GMT
priority
u=1,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158b70e31-AMS
access-control-allow-origin
*
server
cloudflare
advanced-popups-public.js
www.dmnews.com/wp-content/plugins/advanced-popups/public/js/
10 KB
3 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/advanced-popups/public/js/advanced-popups-public.js?ver=1.1.9
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6482ccd356cc8ec8beb9afa3be6345da7906ef1bb3bba546a39e6394902b91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"664d06f1-29d1"
age
587891
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eijvY8oS6c2UJXaCPn2JCkrSRP2%2FHHDUR8OFZy1dPXEvFUquEuRUsICa5WXiwpwY%2FeLHUgoNVCGDPZdqR%2Ffa%2FqOYS4Og93wfHsOhGfkJAXiuZYhUd4psTRnPuc0IbVM%2F5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 05:15:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=450&x=1", cfExtPri, cfHdrFlush;dur=8
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 21 May 2024 20:41:21 GMT
priority
u=1,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158b80e31-AMS
access-control-allow-origin
*
server
cloudflare
advanced-popups-icons.woff
www.dmnews.com/wp-content/plugins/advanced-popups/fonts/
1 KB
2 KB
Font
General
Full URL
https://www.dmnews.com/wp-content/plugins/advanced-popups/fonts/advanced-popups-icons.woff
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
318c46c474af05599ec3a9d9ab778c68dc21955b4109bdd40150c75f04cff167

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.dmnews.com
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

cf-cache-status
HIT
etag
"664d06f1-55c"
age
14835
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tywP8U%2BY0%2FjtXjY45%2BUEWZigu0UQYw01g%2BS6PI3x%2B0JW0%2BhGnse5fb4ZFkZdqmY94GDtL9T81n4XMozPe79Fm917LTzJeyQ5%2Bs10GWYbXOvDTrtHVx4QVlhkUonZhVqGxg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 20:26:45 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23637&sent=102&recv=80&lost=0&retrans=0&sent_bytes=96815&recv_bytes=22731&delivery_rate=1120738&cwnd=33900&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=454&x=1", cfExtPri, cfHdrFlush;dur=4
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
font/woff
last-modified
Tue, 21 May 2024 20:41:21 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf158b90e31-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
1372
server
cloudflare
04356f8c-1061-466a-9fac-dbdbab4c5a02
https://www.dmnews.com/ Frame
0
0

truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
ads.min.js
ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/
92 KB
26 KB
Script
General
Full URL
https://ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/ads.min.js?referrer=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&cb=12
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
a7986f3450d22f5405938090ddb2fd5b5d0064f04dac5b81a188bdd50bb9f89d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
br
access-control-allow-methods
GET, HEAD
expires
0
x-cache
Miss from cloudfront
x-amz-cf-id
24zHNuMQ9_QUCdKIxg722Sc5eXdbSGg-N5jB6zX_Ef4xapD8gysQow==
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/javascript
vary
Accept-Encoding
adthrive-gdpr
true
adthrive-bucket
flex-69
cache-control
no-store, must-revalidate, s-maxage=28800
pragma
no-cache
adthrive-deployment
2024-10-31-01:adv-458:pr5537:3e2371f:4
adthrive-commit
3e2371f
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P3
server
CloudFront
truncated
/
136 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2448c7d17d953f58dc8b0c99b3e66447ca02cbc62ff9703c949a00c6d2b93aaa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
105 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d9cf9728ec83131d32bf19890c3859344d13629eb5631f387e988067b07eae2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
113 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fdc62c83b590f2db88e8a6313e44cab623e5592eaa34f997424fed46e12a212a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
96 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c60b452516367a46d614b444f396b225a3830f301f8c027f08456669d5bbc45a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
151 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e40cb4620007ace5b1447c1a20db9a10ba5ae588c24c64bd97434daeef259f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
101 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44245a9c07edadd37ca07c81ad0bf9c957f8c0f16adf6297b0cfab5b92c72600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
119 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa815cccb1545165b4617d1a4a361d8ac3479e27fee5a4e74fe1e203af938336

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
icons.ttf
www.dmnews.com/wp-content/themes/dmnews/assets/static/icon-fonts/
14 KB
15 KB
Font
General
Full URL
https://www.dmnews.com/wp-content/themes/dmnews/assets/static/icon-fonts/icons.ttf
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/wp-content/themes/dmnews/style.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a160388097733e6e69e4cb93c9f16f115afd2639aac6b2cdd10779a9cd45679e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.dmnews.com
Referer
https://www.dmnews.com/wp-content/themes/dmnews/style.css?ver=1.0

Response headers

cf-cache-status
HIT
etag
"617839f6-3854"
age
92568
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZCzeSrrBURj7JDzv%2B5y9UicWzuJYestHbBPWX9zt256mjNDdpG9cszCxEHiyQd3i2Wxr42t0q%2FUpARh6zCwm6Ev1G0eUNfskh3fHpDW2tfJEDzaq5LA8MPQ2gDSKcgbEA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 06 Nov 2024 22:51:12 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17391&sent=278&recv=123&lost=0&retrans=0&sent_bytes=283545&recv_bytes=26035&delivery_rate=588721&cwnd=103200&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=590&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/octet-stream
last-modified
Tue, 26 Oct 2021 17:25:10 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf249560e31-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
14420
server
cloudflare
UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuI6fAZ9hjp-Ek-_0ew.woff
www.dmnews.com/wp-content/fonts/inter/
31 KB
32 KB
Font
General
Full URL
https://www.dmnews.com/wp-content/fonts/inter/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuI6fAZ9hjp-Ek-_0ew.woff
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e967e71a1e3afcefab9bb798ecc34f810a0c9b3a1e4d1bec2de15b86417cea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.dmnews.com
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

cf-cache-status
HIT
etag
"66aaa89b-7c1c"
age
579079
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BqMKY0ZaZSQ0FZkjviP7K1tpPqG4zO41RrOmS68RXWCYtKvgZ0y%2FVbqv0jy%2FQMezhxD%2F55Zhw0ZlBPNJdCd84WA%2B%2FvFGdceGCpgPypl%2BTN8KKn6qlCRmTblx1lWysSqBMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 07:42:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17391&sent=337&recv=123&lost=0&retrans=0&sent_bytes=352861&recv_bytes=26035&delivery_rate=588721&cwnd=103200&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=595&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
font/woff
last-modified
Wed, 31 Jul 2024 21:11:55 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf249580e31-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
31772
server
cloudflare
UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hjp-Ek-_0ew.woff
www.dmnews.com/wp-content/fonts/inter/
30 KB
31 KB
Font
General
Full URL
https://www.dmnews.com/wp-content/fonts/inter/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hjp-Ek-_0ew.woff
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31656ddbb58d39790f910df827596106a5d91ce80dd4309a6aad91e08a90f9e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.dmnews.com
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

cf-cache-status
HIT
etag
"66aaa89a-79dc"
age
579079
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WQpmM6EYkasCevcyVwKgy2U6H%2FCpPNAmrLEK5vzNUGvcEyCBdKLBobkYGpQls4jL2FbcpPbkHc88X1%2BQQlu8eX4KKz82Im%2FZdzdg3jofMXMaTcqVLJzsG50PpLIT8Hk9ew%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 07:42:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17391&sent=268&recv=123&lost=0&retrans=0&sent_bytes=271545&recv_bytes=26035&delivery_rate=588721&cwnd=103200&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=589&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
font/woff
last-modified
Wed, 31 Jul 2024 21:11:54 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf249590e31-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
31196
server
cloudflare
UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuGKYAZ9hjp-Ek-_0ew.woff
www.dmnews.com/wp-content/fonts/inter/
31 KB
32 KB
Font
General
Full URL
https://www.dmnews.com/wp-content/fonts/inter/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuGKYAZ9hjp-Ek-_0ew.woff
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a96e5ee7ab248008e5e6cc92dd561eceb892d19a10a537aa1b2e64f979351add

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.dmnews.com
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

cf-cache-status
HIT
etag
"66aaa89c-7c24"
age
579078
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XpwVx5M7Uh2QM2oqDDXdm6a2WRxwxnnSb7nqNd8okISe7ud8gz%2Fe%2FupjGQBeZpAAy0RsHZwSrTg5gg8P7lItmpGhGoHK028tgw%2BJro1hmBwCW4DSnTDdgKUKoLxwc%2Fot6g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 07:42:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17391&sent=309&recv=123&lost=0&retrans=0&sent_bytes=319642&recv_bytes=26035&delivery_rate=588721&cwnd=103200&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=591&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
font/woff
last-modified
Wed, 31 Jul 2024 21:11:56 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf2495a0e31-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
31780
server
cloudflare
lazysizes.min.js
www.dmnews.com/wp-content/plugins/ewww-image-optimizer/includes/
14 KB
6 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=690
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
495047ac37d6b00300a23fba8e4a2f690a41630860276b4c3f3215ba212d317d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"633d81bf-3843"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sShGTemjeT8Vk4hx6qXMsF0vwk6P%2FFFE5jIhudRx%2Bq9ljuXHSf12KbUvmnyxUn80%2FE%2FK6i0kADDfjx%2BzSHRtcIqQgVPpCCpjM2xKxfDduDah17uFMxcasxzNRbkD%2BhbOOA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=387&recv=155&lost=19&retrans=19&sent_bytes=408050&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=635&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 05 Oct 2022 13:08:15 GMT
priority
u=1,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf2998d0e31-AMS
access-control-allow-origin
*
server
cloudflare
public-block-alert.js
www.dmnews.com/wp-content/plugins/canvas/components/basic-elements/block-alert/
236 B
884 B
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/basic-elements/block-alert/public-block-alert.js?ver=2.3.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
832ab1b4aa67dc13f7bd3a4edadfd0f2e41a421400eb6249ae5d7548d0a0fb60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-ec"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gb0GYHZGKiQzNNU%2B2dRxvZr1RcATB7iL8%2B5STG5T3F0v9coJjVAQYR8Vj3JR8%2F31dmQEujcrAh5kNSmC3OSpCQ9HbnT6HS8PvyEX4Ad%2Fa7CaOdwRprP7VNaPL5s1rUZcQw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=416&recv=155&lost=19&retrans=19&sent_bytes=438152&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=639&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299910e31-AMS
access-control-allow-origin
*
server
cloudflare
public-block-collapsibles.js
www.dmnews.com/wp-content/plugins/canvas/components/basic-elements/block-collapsibles/
755 B
1022 B
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/basic-elements/block-collapsibles/public-block-collapsibles.js?ver=2.3.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2c518645f351b7c0a5d4750a977bea702f9b35b7b8bad0246caf2a15da8444

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-2f3"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7gO50ELqRUV3ouEWuUaKiwh0Bm0T1Q4IRKVW0K%2BILC8%2F3eIa%2F5h9ZizGJ56Bhbd1dRckWrtEL8X6hwe2kM9Hng1HmsSKGM4kNyFH8Be5mUjU2YjDj%2FnvNQHQKdplIwkmoA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=393&recv=155&lost=19&retrans=19&sent_bytes=414352&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=636&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299920e31-AMS
access-control-allow-origin
*
server
cloudflare
public-block-tabs.js
www.dmnews.com/wp-content/plugins/canvas/components/basic-elements/block-tabs/
736 B
1 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/basic-elements/block-tabs/public-block-tabs.js?ver=2.3.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca64aad202a0caa0622d7a5ccc762dd41c00f30607c549f16e5bfce44a3e32d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-2e0"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IB%2BEqxzOmRwN2t7vuXFTS6kUYicjIPQWPGS5V3z4AV%2FfaSA%2FmeqTSy190fqAWhcMKrCCNV2e%2BRQG7g6%2BGAAZJeTNjnMLN%2B%2FSeTlSudU3VpossvUB7IzuJRFEazJyWyi2Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=396&recv=155&lost=19&retrans=19&sent_bytes=416822&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=637&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299930e31-AMS
access-control-allow-origin
*
server
cloudflare
jquery.justifiedGallery.min.js
www.dmnews.com/wp-content/plugins/canvas/components/justified-gallery/block/
18 KB
6 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/justified-gallery/block/jquery.justifiedGallery.min.js?ver=2.3.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d0390fea1660753108946b180abe68897b889f6b448d0adc0f10f508661ed8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-484f"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4wCA85gB7E5bQl7QLmtqPQY6r8Qe%2BFnT79GDbfnq8vdWJFjNA8EjeutKtq4MmuFUwMQo4vcwninWBfOr8CPTRvY6PVoujlVwgF%2FZx1zD7%2FE1H2gw29NzC%2FilXBvG7vLSSA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=446&recv=155&lost=19&retrans=19&sent_bytes=468897&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=642&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299940e31-AMS
access-control-allow-origin
*
server
cloudflare
public-block-justified-gallery.js
www.dmnews.com/wp-content/plugins/canvas/components/justified-gallery/block/
2 KB
1 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/justified-gallery/block/public-block-justified-gallery.js?ver=2.3.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a9ecdb41088e36f1f44732089683e2cd0baabd42f40de94ada612c371461f3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-6a2"
age
5486
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJ0pDCJO718vQPaZl1b1pSktCPVuOIFRfV8ZwS0j3TgPJXu5fw%2BKe%2BdBtzWs2wiaBq4xTZlHCx4Agj0ZPsptfl2ZyNud5tUutwkfYY8GzaXJjGcBJiRorK%2FlIpKfOLZkoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 23:02:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=394&recv=155&lost=19&retrans=19&sent_bytes=415398&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=637&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299950e31-AMS
access-control-allow-origin
*
server
cloudflare
imagesloaded.min.js
www.dmnews.com/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://www.dmnews.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"654b1bd6-1590"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2iafGgy%2BnyP%2BiD7tnx83AlrZ6JF6j7rKiGpX61WKgSKTEF5DkBQhShtjwzd5w0%2BecZgJJTI0PmnURIzFG399%2FJeNZ4BLJ0CpM5uywhpCQbC9gi59i991pAt574UHJkJyVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=423&recv=155&lost=19&retrans=19&sent_bytes=445092&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=641&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 08 Nov 2023 05:25:42 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299960e31-AMS
access-control-allow-origin
*
server
cloudflare
flickity.pkgd.min.js
www.dmnews.com/wp-content/plugins/canvas/components/slider-gallery/block/
53 KB
14 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/slider-gallery/block/flickity.pkgd.min.js?ver=2.3.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
407c57f44df9370aa9daf3f6db4458de526dfaf6c825c9017b1206537c91aca9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-d33c"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UKa1HzYPrP%2BNOjhy6%2FA5NGRgTTlmE2Wq6Vcl6rhuqAI8G0iuRE3%2F%2F2No8Tkqsfq8m4IROLUly02iPPvCpLlqOYSwpVW2vFcZHDvZ0Sj34Lm830yWKjpW9mpShUC7jbMP8w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=397&recv=155&lost=19&retrans=19&sent_bytes=417881&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=638&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299970e31-AMS
access-control-allow-origin
*
server
cloudflare
public-block-slider-gallery.js
www.dmnews.com/wp-content/plugins/canvas/components/slider-gallery/block/
2 KB
2 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/canvas/components/slider-gallery/block/public-block-slider-gallery.js?ver=2.3.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ab2ed25887f741906e8d20701a2dcef183af815995d32ed5abca3076ee3bde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bd9-911"
age
573361
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZ08Z3Ue%2FwYRA0MAUrobQ%2FfCzvxRE0JXtFY7DSBWKxiaBeOz048j1q7brIOd5%2FG2j3VXzvs3nujvFw4IRIQH7JGY3lAqw1WGSCd1aI5E372qoZtUIKQxcmye2ToxW3%2Bcvw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 09:17:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=414&recv=155&lost=19&retrans=19&sent_bytes=436557&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=639&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:13 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299980e31-AMS
access-control-allow-origin
*
server
cloudflare
index.js
www.dmnews.com/wp-content/plugins/contact-form-7/includes/swv/js/
9 KB
4 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"633d81b7-25d0"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b9PYxQk6asD8nMMY0%2FCBhsO8f%2B1JF0c30pYNBSBro7Xgl2%2FU%2Fq6CGM78qbp64JO25d0gWAwOiaLEihuKcpm9fB5mQmduxmVi7nD8kkU8U%2BHQpRXEsRw6HTJrbj%2FfsE4u7A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=410&recv=155&lost=19&retrans=19&sent_bytes=432805&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=638&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 05 Oct 2022 13:08:07 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299990e31-AMS
access-control-allow-origin
*
server
cloudflare
index.js
www.dmnews.com/wp-content/plugins/contact-form-7/includes/js/
12 KB
5 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"633d81b7-2fb3"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H6LqR6ZTTIy5ZEuQ%2BtP5TAJKYCXE38E%2BrwbncE%2BUaGcauTitjetm2htaQgwDIvxQRrDBUfs8eYXVPrfdUGh%2Fkndpn0t%2F2N9U1kLyGe3vMuu9bRkvw6%2B45K7pXlZBC2W8pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=417&recv=155&lost=19&retrans=19&sent_bytes=439060&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=640&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 05 Oct 2022 13:08:07 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf2999a0e31-AMS
access-control-allow-origin
*
server
cloudflare
cf7msm.min.js
www.dmnews.com/wp-content/plugins/contact-form-7-multi-step-module/resources/
5 KB
3 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/contact-form-7-multi-step-module/resources/cf7msm.min.js?ver=4.1.92
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfdb442f3cefaf2cdac354f011905aa766d027e6820fabc4499f243598f9c561

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"633d81bb-1435"
age
587890
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m9qk5aAmx1gOvC12D4uk%2FD%2F%2BxExKXiXdk0Sb4jp5uAS06AUGM8HW%2BlHla7VwqnbZ8tbAYQ0gFJStOA%2FFuSV2krUqS927CoxvcffpLC5z%2BAFeYgeIUjE%2FAt9rVYwMNdMQ%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 05:15:50 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=446&recv=155&lost=19&retrans=19&sent_bytes=468897&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=644&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 05 Oct 2022 13:08:11 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf2999e0e31-AMS
access-control-allow-origin
*
server
cloudflare
frontend.min.js
www.dmnews.com/wp-content/plugins/link-whisper-premium/js/
5 KB
2 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/link-whisper-premium/js/frontend.min.js?ver=1718645592
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
141ac568be4ebb63260741515cc6e4a81fe3abaa2599567ed81922801800fc5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66707358-128e"
age
270860
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iydeJ3HL8PrHVcjyqaGE7KQZZTtf6YJfuYQ2rqNmN%2FVRhyrq4y0Sve%2FgHsvC%2B3EfAQtfLM%2BQt06UT0VvOw1wHhnkosPZuqoeSarzLyt1YclDffut7kmt4O96nZgnXeHxFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 04 Nov 2024 21:19:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=446&recv=155&lost=19&retrans=19&sent_bytes=468897&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=644&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Mon, 17 Jun 2024 17:33:12 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299a10e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-basic-elements.js
www.dmnews.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/
1 KB
1 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/public-powerkit-basic-elements.js?ver=4.0.0
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32879ecf9aea0b36eb97887c282c3edf857d3dab33fe098fd4047be1c0edeb4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-4cf"
age
67755
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=spyiQFF7MCYC8VKi4EZHmko6dII8mT1QGPW9uj4QWrL88CeQVv6yKuKT4ENE1MOSWhjOnruTvqshFTLDhK8g52CpDl1vLTfmf%2BeIRQMxHYf2Os33z0sRqli8kZVT1b9%2FAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 05:44:45 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=422&recv=155&lost=19&retrans=19&sent_bytes=443913&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=641&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299a40e31-AMS
access-control-allow-origin
*
server
cloudflare
jquery.magnific-popup.min.js
www.dmnews.com/wp-content/plugins/powerkit/modules/lightbox/public/js/
20 KB
8 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/lightbox/public/js/jquery.magnific-popup.min.js?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-4ef8"
age
576690
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rauD0MPnIuIyzPCRWeoT8vL%2FE9YZ%2FMx3rzIe4r5g8RI5WmBpR9%2FFIR2RekG38VEG%2BgmzJ80RRUnN6l%2B9bVpI%2BkSPLF3gyirL3q6Zn0sS3%2BuehtcWDvlcOg2q3kxQXRqiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 08:22:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18744&sent=465&recv=162&lost=19&retrans=19&sent_bytes=486419&recv_bytes=34744&delivery_rate=4380643&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=666&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299a60e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-lightbox.js
www.dmnews.com/wp-content/plugins/powerkit/modules/lightbox/public/js/
4 KB
2 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/lightbox/public/js/public-powerkit-lightbox.js?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
217ed695d9e683687bb2a370d6f521ab05120afcb30230edce70b25349cb44f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-1130"
age
579079
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omxMm89arm0Ogtr4MOAuDSB4rUs6gwhyNLi%2BQV0sxX2moV%2BkbH0R9cMKgfBrqCciCDORwLfqd97sRPyx9TWS6XWw6bmB35oDlGOg%2FgvHd9A58lUEYPln%2FRFVf%2FjE6grZrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 07:42:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=428&recv=155&lost=19&retrans=19&sent_bytes=449390&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=641&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299a80e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-scroll-to-top.js
www.dmnews.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/
507 B
1002 B
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/public-powerkit-scroll-to-top.js?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5d1555ca1d1736e61e55fa9abd975a91b48490c4582944fe2d23c22b20b817f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-1fb"
age
16750
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dg8KtJbLLwTbhq%2Fyu6eYUoSBnWDqLexjdddF3PC85ySzCe85adqm1LgsqhAKTxG%2BTl6JhFD1RBR6CBLOE%2B6LINac5FBN5ELUooLA2iKT4GxX7caP%2FgEP1PwmGRtlrYybtA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 19:54:50 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=446&recv=155&lost=19&retrans=19&sent_bytes=468897&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=645&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299a90e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-share-buttons.js
www.dmnews.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/
3 KB
2 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/public-powerkit-share-buttons.js?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4da2752a0c926a286a5ed2627348471eb7fc863524622afdfe5314759be02fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-c0f"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DsODTIfnGaMcpeINWLjKPP%2B4B16%2FNQIuJT%2FBKgWCKNzisUwGmogF%2BdAHBL8DRJy0AL0hNhL%2BNJBRynn7LmoN2Wun27eBRgUT5cUwWPM1cHOBRKzTLpx9HeRqX5CihnJROQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=434&recv=155&lost=19&retrans=19&sent_bytes=456043&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=642&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299ab0e31-AMS
access-control-allow-origin
*
server
cloudflare
public-powerkit-table-of-contents.js
www.dmnews.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/
3 KB
2 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/public-powerkit-table-of-contents.js?ver=2.5.8.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327ed1dbc11570336f4056baa5ec409c7b3fb28e1c0e8a548ddbdc8923b95bbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617eb04c-aa8"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2c%2F5TX6skbxYvkGidrIFx7AU5nGGLpiO%2FgUSyl0ME%2FW70SxbEmExWih5cGw6XTd9q5d1014USvChhYTawvl1nS5YPOT79vw3mdBynYetfUO96w%2BsPp26m4fQrQr1QNM5g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=426&recv=155&lost=19&retrans=19&sent_bytes=447724&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=641&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Sun, 31 Oct 2021 15:03:40 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299ad0e31-AMS
access-control-allow-origin
*
server
cloudflare
scripts.js
www.dmnews.com/wp-content/themes/dmnews/assets/js/
86 KB
16 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/themes/dmnews/assets/js/scripts.js?ver=1.0
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a1d1615c215d07865c2f1a42e45f39830a4b56a9e6d83116ceb469505176f1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"617839de-15837"
age
79132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FvVbwHGmRd1v8K%2FS%2BO3Hau8FoCwfaHJsqqJ4%2FI0MngNkIoYQuZA0mawQCWXlBNs7f9Acw2sB9RNZ%2BBm2RDTKVJBz0a9ciZ5xxKsfarVoR%2F7HeG2IqUemgKXySAJUrtt14Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 02:35:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=436&recv=155&lost=19&retrans=19&sent_bytes=457720&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=642&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:24:46 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299ae0e31-AMS
access-control-allow-origin
*
server
cloudflare
script.min.js
www.dmnews.com/wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/
11 KB
4 KB
Script
General
Full URL
https://www.dmnews.com/wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/script.min.js?ver=1.6.1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae323aae1b82ab324f2f2093cb59bef2b7c70399101ed51ee66adcf1b7e2aec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61783bdb-2b46"
age
22132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99NhGJYYk%2FnuMQzix%2B%2BLy2iSOmyBtkLys8l3FxTsbzXv0DtogOHMcluzNMnsWCooJ94eV1uqC682vMig5Vqk9zqEiwdgmLGRPiW%2FaZjUTMHkLe3E1QJtqULsD05SoMxL1g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 18:25:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18098&sent=430&recv=155&lost=19&retrans=19&sent_bytes=451512&recv_bytes=34435&delivery_rate=1823024&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=642&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Oct 2021 17:33:15 GMT
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf299af0e31-AMS
access-control-allow-origin
*
server
cloudflare
js
www.googletagmanager.com/gtag/
221 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-120577643-1
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c4474f7cc37a8b92cbc8ba8e08906d3c13974e2e0ce4f8185ba2ba62b976d46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 01 Nov 2024 00:34:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80542
x-xss-protection
0
server
Google Tag Manager
DigitalMarketingNews_TransparentBackground.png.webp
images.dmnews.com/wp-content/uploads/2023/08/
13 KB
14 KB
Image
General
Full URL
https://images.dmnews.com/wp-content/uploads/2023/08/DigitalMarketingNews_TransparentBackground.png.webp
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a59baf60acc079130eddbb64eed20e3015448d6380a203a6de1e95d48e4efed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cf-cache-status
HIT
x-amz-version-id
JqoSyT4Uq_1uuOiTjVdQhDyHKvGA.Hke
etag
"658fe0c75554174ca16b1ca48dd4f1af"
age
3613979
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VPuerRZpB2Gaoci5YeKfFtEG6SG61LZu%2BEE5vDQTMWfwWihZcZt9jKuU%2Fi4Z%2FMnvPwNddJf93Xxz6PW8uRZnB1FUqPIPoJdRL4iQM2np4OgpGtMhm9YPROf2HCpptog%2BBxv%2F5w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18797&sent=492&recv=173&lost=19&retrans=19&sent_bytes=514580&recv_bytes=37499&delivery_rate=1294679&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=727&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
image/webp
last-modified
Thu, 03 Aug 2023 17:54:38 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
3Co7nzygQAxTawoiwFIgcKTI1XaJ6jufKvfakkVz31BbVHS54cOarZ64GsSoTB6R2vsl/1qN9/Q=
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J5ZXHWSA366NZQYC
cf-ray
8db7cbf31a400e31-AMS
accept-ranges
bytes
content-length
13426
server
cloudflare
649e209165ce619585d2de5e93c1d777
secure.gravatar.com/avatar/
983 B
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/649e209165ce619585d2de5e93c1d777?s=40&d=mm&r=g
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca775cd8ab837239f9497e8afe90403d78cb37581c0adfe4003012d24bea020e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

link
<https://gravatar.com/avatar/649e209165ce619585d2de5e93c1d777?s=40&d=mm&r=g>; rel="canonical"
cache-control
max-age=300
x-nc
HIT ams 2
expires
Fri, 01 Nov 2024 00:39:00 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
983
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
image/jpeg
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-disposition
inline; filename="649e209165ce619585d2de5e93c1d777.png"
Google-Meet-Malware-800x457.jpg.webp
images.dmnews.com/wp-content/uploads/2024/10/
32 KB
33 KB
Image
General
Full URL
https://images.dmnews.com/wp-content/uploads/2024/10/Google-Meet-Malware-800x457.jpg.webp
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76492f208e5fed3833ca9a04daf4e6c559ed7b6760ce2ff6eaa9b66bc41d88ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cf-cache-status
MISS
x-amz-version-id
8lFXhymWkZyhPQ_WDj9gmxOUIMzxs.kb
etag
"55b2cfcf1a732ba9655adfdb0b7c1b6f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MnDApt5%2BKOS8h6%2B24Ku%2Fzkl9BXrHfo6Z6gmYlVmlZnS%2F5cHvfkEW5Z4N6qm9wdZYXTmc9bhNULjPc3%2B04qDmkGeIX%2FNUWlWxSx72%2FwXIkkcbx77K9rC%2Fm%2BHGalghobuChGj0Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17023&sent=510&recv=180&lost=19&retrans=19&sent_bytes=532656&recv_bytes=38138&delivery_rate=182389&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=1089&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
image/webp
last-modified
Wed, 30 Oct 2024 09:18:36 GMT
vary
Accept-Encoding
priority
u=1,i
x-amz-id-2
LKrAbZtW3URVGAYPvPrQqQYHeroe84V8EpV+OjC2+muZxXKnxwZDoCuTHtB48iCoC8JFO96X40A=
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
W1PK4TDQKFC6XZYW
cf-ray
8db7cbf31a3f0e31-AMS
accept-ranges
bytes
content-length
33014
server
cloudflare
Personalized-E-commerce-80x80.jpg.webp
images.dmnews.com/wp-content/uploads/2024/10/
3 KB
4 KB
Image
General
Full URL
https://images.dmnews.com/wp-content/uploads/2024/10/Personalized-E-commerce-80x80.jpg.webp
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f812dc7aa300086b3ca0e680e6abc4d183936940460bece30f0ccd6984ee2ac7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cf-cache-status
HIT
x-amz-version-id
.whbkunMoQLTcDMlLPA.JypTKFssZTTH
etag
"bf32ec97ed65214ac91a0a0342a72f6d"
age
1595
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BqiB1spqGkK5YKXWM6Cc92c%2F3CakPlTTWAdv6JNYcb%2FKsrGqVnmZMxQiEEginYC8D1NZbzrni3nYjwfSQbl%2BGdL5fAvYlp0QHB6%2Fju3B05cAZbIdb5HbyNFM26LfR6Q0t3yv1g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18797&sent=477&recv=173&lost=19&retrans=19&sent_bytes=498269&recv_bytes=37499&delivery_rate=1294679&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=723&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
image/webp
last-modified
Wed, 30 Oct 2024 09:17:34 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
T7PxnkqcaFFzqaxJQOaSahsbQnRZ8TEE9n7R/hJYmT2nIVXmpAMZ9z5L9jFuuft6oG4wPuPhZz3ZBc0bsz17BDgfCeGvEZ2QHqVWxI+NyDE=
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZN32TXS7NKD53BQB
cf-ray
8db7cbf31a3d0e31-AMS
accept-ranges
bytes
content-length
2778
server
cloudflare
Winter-Skincare-80x80.jpg.webp
images.dmnews.com/wp-content/uploads/2024/10/
2 KB
3 KB
Image
General
Full URL
https://images.dmnews.com/wp-content/uploads/2024/10/Winter-Skincare-80x80.jpg.webp
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b3daf73a65debec0c15eed6137f51a3280ea8815f658aa8ddb242a2eff91d74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cf-cache-status
HIT
x-amz-version-id
vpTJqQ0.eBLfUSHAGGtEXNvnmwKbxx90
etag
"9719117cb75639ed11766abb9748a3ae"
age
1595
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xRhMnGDXwzhuoeXtwOIG6YIp2SfPwXke6vVCrtAftCjjJEmAJo%2BCEvKu0L12dG9qe%2BgqAo2DWR9DMzRpbeT3GVlFvA79AjCEyzgty4L03ug%2Fw4F5fH03%2BNj0LWdBQOiQOa3%2F8g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18797&sent=474&recv=173&lost=19&retrans=19&sent_bytes=494832&recv_bytes=37499&delivery_rate=1294679&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=722&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
image/webp
last-modified
Wed, 30 Oct 2024 09:15:20 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
XRBIhCt7QXU9HEQHR1TjYxs5tYdahkPCpTHeNx1mvvYHZXTzJ5DgwqfiG41BQOZd/cG7EU6Wa0hqQe4XwLKJsdACLodWoslv
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZN32PCPZ4KB36S5C
cf-ray
8db7cbf31a3b0e31-AMS
accept-ranges
bytes
content-length
2510
server
cloudflare
IoMT-Risks-80x80.jpg.webp
images.dmnews.com/wp-content/uploads/2024/10/
3 KB
3 KB
Image
General
Full URL
https://images.dmnews.com/wp-content/uploads/2024/10/IoMT-Risks-80x80.jpg.webp
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1daf084e4188c42bc0657fae9116a9fb3f20f9fe76fb471bf7acc23dd47949d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cf-cache-status
HIT
x-amz-version-id
EVrD26KL_yGnV1C2Rye2eZnJx_r4t1.B
etag
"a3c39c6b4562d44c4f40098ec3cf6007"
age
40006
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egnc2sGsO8i0sNGw7dF864t6x2CWvm6%2FbORCT9aVw%2FvrnkaJEBRGlErOSAAWYNu%2B8Qz4K2uO396Urdrrmt%2BIGzR%2FPPxbHLrWKlHwvxiKqvnHM8N4rZXIktGvM0HMN16Dpya8KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18797&sent=486&recv=173&lost=19&retrans=19&sent_bytes=507852&recv_bytes=37499&delivery_rate=1294679&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=723&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
image/webp
last-modified
Wed, 30 Oct 2024 09:16:22 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
0/fdzCN1kfepxlPMTTP0Glq000W0KlyU2+zwSnDLpZN7Jo6E3RLpxGTApDHCORuoiIVx9t+gcxg=
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
GB5X6ZSK3XX2ZS05
cf-ray
8db7cbf31a380e31-AMS
accept-ranges
bytes
content-length
2564
server
cloudflare
Google-Meet-Malware-80x80.jpg.webp
images.dmnews.com/wp-content/uploads/2024/10/
2 KB
3 KB
Image
General
Full URL
https://images.dmnews.com/wp-content/uploads/2024/10/Google-Meet-Malware-80x80.jpg.webp
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03fdef11beb7633e0b3d7390658860a48f0fb9be56eac1723163ef10fa2501fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cf-cache-status
HIT
x-amz-version-id
Bp9mNh0z8ozaF0xGs.ZBypQlHvf2CuZ8
etag
"0bacdbd29f1c9349a35f1079db4fc723"
age
43792
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0b8szq7W%2FMo%2BdmT5YTjO1D5Zg3T7VWSP3O1pu7vpmYciuPL19OwRhdYcNQsmcIon0%2BqeGBj4ucX8IJ9KOWUGwTJvlR0oSqAO9d97nEEG7Ej34Xe6a138T7EgF7Ga2LT4HZS5EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18797&sent=489&recv=173&lost=19&retrans=19&sent_bytes=511325&recv_bytes=37499&delivery_rate=1294679&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=724&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
image/webp
last-modified
Wed, 30 Oct 2024 09:18:36 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
azDWG4Yo+quRZTt4t3JtyIaRC+cqgJiho0+/ms5kDbGq55HF4raZYY6o0/EZW3QowE37PTPr64k=
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9B6PJNC00SQ2WYRG
cf-ray
8db7cbf31a3c0e31-AMS
accept-ranges
bytes
content-length
2348
server
cloudflare
a2d15c78thumbnail-80x80.jpeg.webp
images.dmnews.com/wp-content/uploads/2024/10/
2 KB
3 KB
Image
General
Full URL
https://images.dmnews.com/wp-content/uploads/2024/10/a2d15c78thumbnail-80x80.jpeg.webp
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
641d46628e1dce7d2d0a7d6aba1736f5c82e02e7f0f49cd95930b7055c49021f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cf-cache-status
HIT
x-amz-version-id
2vQa4MzgTGrGN41XlGl8VIU_ZL8v_U85
etag
"3ab525012c80275dbe6e77982a359e8b"
age
43792
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vyn0A3DklXSn7rASRc3lImLnP9Euj%2BpZccAzSVZmoGrLcZSI8dBbrueC9fC9sfN9%2BwqneHl9MhmqKZAXWV%2BVSm%2F1UztcbFvpQtbUfXen5LqSyrf4NmIXy8LfsEdEKyXsQaWo%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17519&sent=507&recv=178&lost=19&retrans=19&sent_bytes=529216&recv_bytes=38048&delivery_rate=1312385&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=757&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
image/webp
last-modified
Thu, 31 Oct 2024 05:32:18 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
BJpKrJk8263GBhDnTABFen3JeoouJUuXO8xCrNJk+S6TwutzooAzy378Z4iX6bSVrHttlvPQnvrlN7Ob8oy7OQzQxjVSdbzk
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9B6P5MYMK8JC2T3W
cf-ray
8db7cbf35a5f0e31-AMS
accept-ranges
bytes
content-length
2514
server
cloudflare
abd.js
ads.adthrive.com/abd/
1 KB
1 KB
XHR
General
Full URL
https://ads.adthrive.com/abd/abd.js
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
os8MwQFHVWjrrk14iP4Ip4gSDo8pMj4I
etag
W/"1a1900d242621b126237113a25ab0ab3"
age
3339
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
XxpYcS0vAJ9F8DGCkdOXUfJ-qX7JdB9np5qpDCYfUM7zzVetY-TR7Q==
date
Thu, 31 Oct 2024 23:38:22 GMT
content-type
application/javascript
last-modified
Tue, 06 Sep 2022 21:10:57 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P3
server
AmazonS3
wp-emoji-release.min.js
www.dmnews.com/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://www.dmnews.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"660ce859-4926"
age
162792
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYnkrPeSE1yfDaNK2za2uT86%2F5ZxTVFEuJfMBTcOgQ%2ByLyrOuJHFLqlbKRCpTPIAfFwPlGVztE45DGJxoGBF2gKZMu8TtfzQMvuNYe1xUJDuc13ubio9jfl5FwcUrvF%2B6g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 06 Nov 2024 03:20:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18797&sent=481&recv=173&lost=19&retrans=19&sent_bytes=502005&recv_bytes=37499&delivery_rate=1294679&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=723&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 03 Apr 2024 05:25:45 GMT
priority
u=3,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8db7cbf32a420e31-AMS
access-control-allow-origin
*
server
cloudflare
chatbotProfile
chat.direqt.ai/api/
480 B
840 B
Fetch
General
Full URL
https://chat.direqt.ai/api/chatbotProfile?botId=6634e43e0e65d93c784daeca
Requested by
Host: chat.direqt.ai
URL: https://chat.direqt.ai/embed.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c00ce414aaa78ee559725e5918d41881610571e6636cdf92e9b5a04298af6e51
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.dmnews.com/

Response headers

access-control-max-age
0
content-encoding
gzip
x-orig-accept-language
nl-NL,nl;q=0.9
access-control-allow-methods
*
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-country-code
NL
x-cache
MISS
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/json
x-cloud-trace-context
1ee8e67ccf061125469a14bf036b7f46
x-served-by
cache-ams21057-AMS
x-cache-hits
0
access-control-allow-headers
*
strict-transport-security
max-age=31556926
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
cache-control
public, max-age=300, s-maxage=300
x-timer
S1730421241.061025,VS0,VE265
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
361
function-execution-id
5c8u2z1l0zxe
server
Google Frontend
chatbotProfile
chat.direqt.ai/api/ Frame
0
0
Preflight
General
Full URL
https://chat.direqt.ai/api/chatbotProfile?botId=6634e43e0e65d93c784daeca
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.dmnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
public, max-age=300, s-maxage=300
content-encoding
gzip
content-type
application/json
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 00:34:01 GMT
function-execution-id
pgeuxu48co5s
server
Google Frontend
strict-transport-security
max-age=31556926
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-cloud-trace-context
85b707638da145431d634034d2da66cc
x-country-code
NL
x-orig-accept-language
nl-NL,nl;q=0.9
x-served-by
cache-ams21057-AMS
x-timer
S1730421241.858560,VS0,VE185
135293X1598627.skimlinks.js
s.skimresources.com/js/
53 KB
20 KB
Script
General
Full URL
https://s.skimresources.com/js/135293X1598627.skimlinks.js
Requested by
Host: affiliate-cdn.raptive.com
URL: https://affiliate-cdn.raptive.com/affiliate.mvp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Skimlinks V9.0 /
Resource Hash
ab21e60bfdf5a278b4bb9fe96ab04ad23de3241bc4832c23525f7c183db54d81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/

Response headers

cache-control
public, max-age=3600
content-encoding
gzip
x-amz-version-id
mbVp2S85_yLs.t8z67Iryg_APZqToTCI
etag
"60bd12ba3a2a03748bd537c2dddb7c9b"
accept-ranges
bytes
x-cache
HIT
p3p
policyref="https://s.skimresources.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
20134
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
text/javascript
x-served-by
cache-bru1480075-BRU
server
Skimlinks V9.0
x-cache-hits
1
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
276 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CLD7YEG2WF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-120577643-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
879c27c4eb60a1b1aefefedef5bfb21a3d4a99e5b2cf23acb5ed50d8b2b010ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 01 Nov 2024 00:34:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98217
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-120577643-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
gzip
age
3832
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 01:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 23:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
robots.txt
t.skimresources.com/api/v2/ Frame 0C40
0
123 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9424930059495209
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
private, no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
text/plain
server
nginx
px.gif
p.skimresources.com/
43 B
93 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=5.7565091867055695
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
image/gif
server
Skimlinks Pixel 1.0
px.gif
p.skimresources.com/
43 B
267 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=5.7565091867055695
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
image/gif
server
Skimlinks Pixel 1.0
/
r.skimresources.com/api/
149 B
364 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/135293X1598627.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
56166c978e97dcffa7e4184e6eea22c72673f51195ba30c6a84ea404da0ee594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.dmnews.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.dmnews.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/json
vary
Accept-Encoding
server
openresty/1.21.4.1
cmp.php
b.delivery.consentmanager.net/delivery/
5 KB
3 KB
Script
General
Full URL
https://b.delivery.consentmanager.net/delivery/cmp.php?&cdid=aa95c00731726&h=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&&__cmpfcc=1&l=en&ls=EN_EN_NL&lp=EN-US&o=1730421241101
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/ads.min.js?referrer=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&cb=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.78 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ds87-230-98-78.dedicated.psmanaged.com
Software
/
Resource Hash
2f5b9e4d83d0e068c1b529ae1423aaed9f1e98ef758767c576b77f10de24eb1d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin
*
date
Fri, 01 Nov 2024 00:34:01 GMT
edge-control
no-store, no-cache, must-revalidate
last-modified
Fri, 01 Nov 2024 00:34:01 GMT
x-xss-protection
0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cmp_final.min.js
cdn.consentmanager.net/delivery/js/
443 KB
96 KB
Script
General
Full URL
https://cdn.consentmanager.net/delivery/js/cmp_final.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/ads.min.js?referrer=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&cb=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6b65b29fde63aca60fa0aec56df0fc8fed2ea22a6e90a755a1ac97407e196525

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
gzip
etag
W/"6eb14-6254f3ccd5e40"
x-77-cache
HIT
expires
Sat, 26 Oct 2024 16:03:03 GMT
date
Fri, 01 Nov 2024 00:34:01 GMT
edge-control
max-age=86400
content-type
application/javascript
last-modified
Fri, 25 Oct 2024 16:01:53 GMT
x-77-nzt-ray
0d1fa51870658a79f9212467cbc39a0a
vary
Accept-Encoding
x-77-nzt
EgwBJRPCTwH3vHcAAAwBJRPCNAW1AAAAAA
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-77-pop
frankfurtDE
x-77-age
30652
server
CDN77-Turbo
marmalade
ads.adthrive.com/api/v1/
5 KB
2 KB
Fetch
General
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=651d9a4e8b79f51c580f8020&url=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/ads.min.js?referrer=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&cb=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
/
Resource Hash
c5431f44fa564ac806c13e5a13e950a2250dfbcb18b6a8d7298a2e254b38e710

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cache-control
max-age=3600, s-maxage=3600
content-encoding
br
x-amz-apigw-id
Aio_BFMPoAMEBrw=
x-amzn-trace-id
Root=1-672421f9-5bfdf78f000d2d5e0f99a63d;Parent=1123b168fa63ce85;Sampled=0;Lineage=1:e948d84a:0
access-control-allow-methods
GET
x-amzn-requestid
b2f8814b-75f2-4f4c-b46c-00acf9bb9bbd
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
aRBVzy1JVpbtCUk9aAGkedLkhsPxdx8x4kUtK7w3AQ93GkHos38rFw==
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/json
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P3
gpt.js
securepubads.g.doubleclick.net/tag/js/
106 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/ads.min.js?referrer=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&cb=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
05335cb4b1aecdb7e8e92c9fc5033afb7423750e70f27469c2b33f200a0d4cc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
br
etag
743 / 20028 / m202410280101 / config-hash: 8599547047122433552
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 00:34:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33841
x-xss-protection
0
server
cafe
prebid.min.js
ads.adthrive.com/builds/core/3e2371f/gdpr/vendor/prebid/es2018/
643 KB
169 KB
Script
General
Full URL
https://ads.adthrive.com/builds/core/3e2371f/gdpr/vendor/prebid/es2018/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/ads.min.js?referrer=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&cb=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
293abc8b99c6444ff0578677a5fab2c60bc3f4f3c1dd7ff5358a8a35a34d54f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=86400
content-encoding
br
x-amz-version-id
GDQJDr4kyVpKgHPoy.qfiiFmfopK0Guz
etag
W/"e588f60cb67af9fdfd3a7f0f444574cb"
age
1929
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
P3amfAJcuTD_-klnW7LawS2sI_teJhyRNvC0xRahxTjzU_xgLcv8Mw==
date
Fri, 01 Nov 2024 00:01:53 GMT
content-type
text/javascript
last-modified
Thu, 31 Oct 2024 17:36:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
raptive-sdk.js
raptive.solutions.cdn.optable.co/public-assets/
24 KB
24 KB
Script
General
Full URL
https://raptive.solutions.cdn.optable.co/public-assets/raptive-sdk.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/ads.min.js?referrer=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&cb=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.62.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.62.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
abb6f9cbc61da4a1b4d48634f68976a6b0f3423ac38a0fdf42553fb40f5fcfdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=QL14GQ==, md5=N/jJmur2BAN76pwnex81fw==
etag
"37f8c99aeaf604037bea9c277b1f357f"
age
2127
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
24468
date
Thu, 31 Oct 2024 23:58:34 GMT
last-modified
Mon, 30 Sep 2024 17:28:39 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY0l04cgV7NHXNBfgfSDx-bMmGexnPEJuPMZLhBmYqVaEODC85Hkb57cH86ah5aVHJz-1Jiq6HpXbw
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public,max-age=86400,no-transform
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
x-goog-generation
1727717319416745
content-length
24468
server
UploadServer
651d9a4e8b79f51c580f8020
ads.adthrive.com/api/v2/raptiveFloors/
42 KB
6 KB
XHR
General
Full URL
https://ads.adthrive.com/api/v2/raptiveFloors/651d9a4e8b79f51c580f8020
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/ads.min.js?referrer=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&cb=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
/
Resource Hash
616133e635c669e56ab845e6ec85b4dddcd166f95f6006724fe34857bdef0ff2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
br
x-amz-apigw-id
Aio_BG1HIAMEvpw=
x-amzn-trace-id
Root=1-672421f9-63cd4d3f4f14d05b0e7ead9f;Parent=653115b1b99e87c9;Sampled=0;Lineage=1:e7e36c41:0
access-control-allow-methods
GET
x-amzn-requestid
4bc33705-48bd-4bc3-adb2-3b53790e9a06
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
BmNJjpaGG0lJfcEk8Pb6gDfbKfC_88-Oo1L3z6Q1fp3a_OY3vDERsg==
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/json
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P3
651d9a4e8b79f51c580f8020
ads.adthrive.com/api/v2/optimalBidders/
171 B
598 B
XHR
General
Full URL
https://ads.adthrive.com/api/v2/optimalBidders/651d9a4e8b79f51c580f8020?bw=10&h=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/ads.min.js?referrer=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&cb=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
/
Resource Hash
bd0a4da10df7a38a290fc8063b8efecd59ea7c7f6e554c08a49d7da8fdd7059a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

x-amz-apigw-id
Aio_BGoNIAMEJrQ=
x-amzn-trace-id
Root=1-672421f9-680cb7a118dea36e03ae798d;Parent=294970752bd33efb;Sampled=0;Lineage=1:963c996c:0
access-control-allow-methods
GET
x-amzn-requestid
658b96f2-eb42-4332-b5f7-2e1c04638978
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
171
x-amz-cf-id
oZyvPxrmuvtVhZa9Mok0cCZkCFsNOyrTeEY-ygcOGa1WEC3EZUVvuQ==
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/json
x-amz-cf-pop
FRA60-P3
adthrive.min.js
ads.adthrive.com/builds/core/3e2371f/es2018/js/
1 MB
373 KB
Script
General
Full URL
https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/ads.min.js?referrer=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&cb=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
45bed94e25e9e47ffc4cfc56923e120642b89d2f0c4f8a78dd53aad48265dfe2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cache-control
max-age=3600, s-maxage=86400
content-encoding
gzip
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
381008
x-amz-cf-id
TD7gy8wi4xEmm200_HsHCrss2WrNoGTsbKezrauo_hemMe__aNMG6A==
date
Fri, 01 Nov 2024 00:34:02 GMT
content-type
application/javascript
x-amz-cf-pop
FRA60-P3
server
CloudFront
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CLD7YEG2WF&gtm=45je4au0v9122472941za200&_p=1730421240813&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=1629575041.1730421241&ul=nl-nl&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1730421241&sct=1&seg=0&dl=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&dt=Sekoia%20uncovers%20new%20Google%20Meet%20malware&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1104
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CLD7YEG2WF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.dmnews.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
text/plain
server
Golfe2
/
r.skimresources.com/api/
149 B
187 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/135293X1598627.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
56166c978e97dcffa7e4184e6eea22c72673f51195ba30c6a84ea404da0ee594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.dmnews.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.dmnews.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/json
vary
Accept-Encoding
server
openresty/1.21.4.1
bV8xLndfODY2ODUucl9HRFBSLmxfZW4uZF8zNDI5My54XzkyLnYucC50XzM0MjkzLnh0Xzc0.js
cdn.consentmanager.net/delivery/customdata/
127 KB
28 KB
Script
General
Full URL
https://cdn.consentmanager.net/delivery/customdata/bV8xLndfODY2ODUucl9HRFBSLmxfZW4uZF8zNDI5My54XzkyLnYucC50XzM0MjkzLnh0Xzc0.js
Requested by
Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?&cdid=aa95c00731726&h=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&&__cmpfcc=1&l=en&ls=EN_EN_NL&lp=EN-US&o=1730421241101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
db526b90d4ebbf1149ae69edca30e6a10cea34fb6b25691fb71639e045ebaab5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
gzip
x-77-cache
HIT
expires
Fri, 01 Nov 2024 01:04:02 GMT
date
Fri, 01 Nov 2024 00:34:04 GMT
edge-control
public, max-age=1800
content-type
text/javascript; charset=utf-8
x-77-nzt-ray
0d1fa51870658a79f9212467cf11d70c
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 00:34:02 GMT
x-77-nzt
EgwBJRPCTwGzCAcAAAwBJRPCMQG3/v///w
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-xss-protection
0
x-77-age
-2
server
CDN77-Turbo
collect
www.google-analytics.com/j/
1 B
419 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1072411424&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&ul=nl-nl&de=UTF-8&dt=Sekoia%20uncovers%20new%20Google%20Meet%20malware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1294770073&gjid=4296933&cid=1629575041.1730421241&tid=UA-120577643-1&_gid=1053760276.1730421241&_r=1&gtm=457e4au0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&jsscut=1&npa=1&z=511949687
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.dmnews.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 00:34:01 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.dmnews.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
page
t.skimresources.com/api/v2/
22 B
350 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/135293X1598627.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.11 aiohttp/3.8.6 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://www.dmnews.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.dmnews.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
text/plain; charset=utf-8, application/javascript
server
Python/3.11 aiohttp/3.8.6
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
config
raptive-auth.cloud.optable.co/s-651d9a4e8b79f51c580f8020/
515 B
733 B
Fetch
General
Full URL
https://raptive-auth.cloud.optable.co/s-651d9a4e8b79f51c580f8020/config?osdk=web-v0.20.1&cookies=no&passport=
Requested by
Host: raptive.solutions.cdn.optable.co
URL: https://raptive.solutions.cdn.optable.co/public-assets/raptive-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.155.149.34.bc.googleusercontent.com
Software
/
Resource Hash
f6c9461554979de307df7ec3ba9f08637d99d9a5cb2072ecda405b74bd302381

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Referer
https://www.dmnews.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.dmnews.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
515
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/json; charset=utf-8
vary
Origin
config
raptive-test.cloud.optable.co/default/
389 B
606 B
Fetch
General
Full URL
https://raptive-test.cloud.optable.co/default/config?osdk=web-v0.20.1&cookies=no&passport=
Requested by
Host: raptive.solutions.cdn.optable.co
URL: https://raptive.solutions.cdn.optable.co/public-assets/raptive-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.155.149.34.bc.googleusercontent.com
Software
/
Resource Hash
778c4f286886c435caef888eaae1b7d6ef0f36b2a86ba04cced647fa88538086

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Referer
https://www.dmnews.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.dmnews.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
389
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/json; charset=utf-8
vary
Origin
config
raptive-auth.cloud.optable.co/s-651d9a4e8b79f51c580f8020/
515 B
602 B
Fetch
General
Full URL
https://raptive-auth.cloud.optable.co/s-651d9a4e8b79f51c580f8020/config?osdk=web-v0.20.1&cookies=no&passport=
Requested by
Host: raptive.solutions.cdn.optable.co
URL: https://raptive.solutions.cdn.optable.co/public-assets/raptive-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.155.149.34.bc.googleusercontent.com
Software
/
Resource Hash
2bcccb9ae360aa0d9d44827ed5cc6801da0ca95781254c6ffd806d87247d4016

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Referer
https://www.dmnews.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.dmnews.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
515
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/json; charset=utf-8
vary
Origin
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/
483 KB
150 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
346c66e4f479f4a17ed1401f493c41c4c36b694580749098da5224e7707ed994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
br
etag
2396380646379452942
age
32321
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 15:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 31 Oct 2024 15:35:20 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
153075
x-xss-protection
0
server
cafe
embed
chat.direqt.ai/chatbot/6634e43e0e65d93c784daeca/ Frame 43B8
0
0
Document
General
Full URL
https://chat.direqt.ai/chatbot/6634e43e0e65d93c784daeca/embed?referrer=https%253A%252F%252Fwww.dmnews.com%252Fsekoia-uncovers-new-google-meet-malware%252F&layout=overlay&storyId=https%253A%252F%252Fwww.dmnews.com%252Fsekoia-uncovers-new-google-meet-malware%252F&disableUiExtensions=true&searchOnly=false&strict=1&startHint=poll
Requested by
Host: chat.direqt.ai
URL: https://chat.direqt.ai/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Nuxt
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://www.dmnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
private
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 01 Nov 2024 00:34:01 GMT
function-execution-id
pw6phi9lstsi
server
Google Frontend
strict-transport-security
max-age=31556926
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-cloud-trace-context
a2a0c7ae7d503611ba16686a0db23283
x-country-code
NL
x-orig-accept-language
nl-NL,nl;q=0.9
x-powered-by
Nuxt
x-served-by
cache-bru1480026-BRU
x-timer
S1730421241.385378,VS0,VE321
join
ads.optable.co/ca/paapi/v1/dsp/ig/ Frame 0419
0
0
Document
General
Full URL
https://ads.optable.co/ca/paapi/v1/dsp/ig/join?origin=ace043bf-d78b-4e55-8524-b954c73c1225&vid=v%3A63BRfvsKkYJd6L6hLO0kBW
Requested by
Host: raptive.solutions.cdn.optable.co
URL: https://raptive.solutions.cdn.optable.co/public-assets/raptive-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.250.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.250.178.107.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://localhost https://*.adthrive.com https://adthrive.com https://*.dmnews.com https://dmnews.com

Request headers

Referer
https://www.dmnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

ad-auction-allowed
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1788
content-security-policy
frame-ancestors https://localhost https://*.adthrive.com https://adthrive.com https://*.dmnews.com https://dmnews.com
content-type
text/html; charset=utf-8
date
Fri, 01 Nov 2024 00:34:01 GMT
via
1.1 google, 1.1 google
collect
chat.direqt.ai/api/
2 B
487 B
Ping
General
Full URL
https://chat.direqt.ai/api/collect
Requested by
Host: chat.direqt.ai
URL: https://chat.direqt.ai/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.dmnews.com/

Response headers

access-control-max-age
0
content-encoding
gzip
x-orig-accept-language
nl-NL,nl;q=0.9
access-control-allow-methods
POST, OPTIONS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-country-code
NL
x-cache
MISS
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/json
x-cloud-trace-context
8fbb7551f44b119d1ae10aa95fb97d04
x-served-by
cache-bru1480045-BRU
x-cache-hits
0
access-control-allow-headers
*
strict-transport-security
max-age=31556926
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
cache-control
private
x-timer
S1730421242.811612,VS0,VE147
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
function-execution-id
pw6pi3v06exk
server
Google Frontend
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1072411424&t=event&_s=2&dl=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&ul=nl-nl&de=UTF-8&dt=Sekoia%20uncovers%20new%20Google%20Meet%20malware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=direqt_init&ev=1&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1629575041.1730421241&tid=UA-120577643-1&_gid=1053760276.1730421241&gtm=457e4au0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&jsscut=1&tcfd=1000h&npa=1&z=1441931877
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

age
80578
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:11:03 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
collect
chat.direqt.ai/api/
2 B
491 B
Ping
General
Full URL
https://chat.direqt.ai/api/collect
Requested by
Host: chat.direqt.ai
URL: https://chat.direqt.ai/embed.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.dmnews.com/

Response headers

access-control-max-age
0
content-encoding
gzip
x-orig-accept-language
nl-NL,nl;q=0.9
access-control-allow-methods
POST, OPTIONS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-country-code
NL
x-cache
MISS
date
Fri, 01 Nov 2024 00:34:01 GMT
content-type
application/json
x-cloud-trace-context
749f62a95eb2db28a28d72c2d7065826
x-served-by
cache-bru1480074-BRU
x-cache-hits
0
access-control-allow-headers
*
strict-transport-security
max-age=31556926
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
cache-control
private
x-timer
S1730421242.845155,VS0,VE145
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
function-execution-id
pgeu14huj6se
server
Google Frontend
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1072411424&t=event&_s=3&dl=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&ul=nl-nl&de=UTF-8&dt=Sekoia%20uncovers%20new%20Google%20Meet%20malware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=direqt_load_success&ev=1&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1629575041.1730421241&tid=UA-120577643-1&_gid=1053760276.1730421241&gtm=457e4au0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&jsscut=1&tcfd=1000h&npa=1&z=258946287
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

age
80578
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:11:03 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
i.html
ads.adthrive.com/builds/core/3e2371f/html/ Frame 59EC
0
0
Document
General
Full URL
https://ads.adthrive.com/builds/core/3e2371f/html/i.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-66.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.dmnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
1929
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 01 Nov 2024 00:01:54 GMT
etag
W/"271aad4f7a653e8ce1e9cb74b6a06477"
last-modified
Thu, 31 Oct 2024 17:36:19 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-id
IN-LNqyQz5wDIrTTQ98M4bbWA9Jde7Kj3qkFV5VuV0fazpcYytmCFA==
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
GAk5zGnopyDEDXuJCHp6M6mokbbhv_81
x-cache
Hit from cloudfront
vCgiOErt
cdn.jwplayer.com/v2/playlists/
3 KB
1 KB
Fetch
General
Full URL
https://cdn.jwplayer.com/v2/playlists/vCgiOErt?max_resolution=1280
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:4400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
cf077283a32d4fcbe2e29a31eea52bceb82e8a893878941441b8983da7a60c60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

x-robots-tag
noindex, indexifembedded
cache-control
max-age=180, max-stale=180
content-encoding
gzip
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
expires
Fri, 01 Nov 2024 00:37:02
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
959
x-amz-cf-id
eUZzXTOL-1H8KNXp9xpETRHd7TCs2ere73FLuP0W6HsffvtEqTrIcw==
date
Fri, 01 Nov 2024 00:34:02 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
FRA60-P4
server
openresty
join_ig
gpsb-reims.criteo.com/paapi/ Frame 4557
0
0
Document
General
Full URL
https://gpsb-reims.criteo.com/paapi/join_ig?advertiser_id=500002_500329&ig_name=r6NnpiEx
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.163.35 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.214.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://www.dmnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
2503
content-type
text/html; charset=UTF-8
date
Fri, 01 Nov 2024 00:34:02 GMT
join-ad-interest-group
*
supports-loading-mode
fenced-frame
via
1.1 google
beacon.js
sb.scorecardresearch.com/internal-cs/6035453/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6035453/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js
15 KB
5 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H2
Server
18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6a58f7d1814138ce7fb2194b071c7100cdfc3d30a95eef8223329dc65774bbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
etag
W/"e577c18a64fa27d73bcdf0c0433579b5"
age
73679
via
1.1 111f802abddccd55d219ff1635e1aa4a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Yll_ziZNN_JigRQajuLYyjnGMMrsmVjodWNyJ9Tn87p7N_7k0yZ17w==
date
Thu, 31 Oct 2024 04:07:36 GMT
content-type
application/javascript
last-modified
Mon, 28 Oct 2024 08:31:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256

Redirect headers

location
/internal-cs/6035453/beacon.js
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 111f802abddccd55d219ff1635e1aa4a.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
ELiwqMpxbWaOiiw52ly6WuNydNZuVmWCo9uRtlyJ2kG3QbI8PlrnFg==
date
Fri, 01 Nov 2024 00:34:02 GMT
x-amz-cf-pop
FRA56-P11
config.js
cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/
375 KB
75 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0708bc2fb9270c67a95d2b81fe3db189b9aa4dd0e2487c8742a81374e9068309

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1821a1efea59bd11f99abf041991fcc8"
age
742
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 00:34:02 GMT
content-type
text/javascript
last-modified
Fri, 01 Nov 2024 00:18:10 GMT
vary
Accept-Encoding
x-amz-id-2
KZLsOMPxnkgq3L9doYZhFjWzldPXDWU/9QYJp7ruyyBMZrJ64j3HIms/FGvik7R3wifUNyO4HpJrn9cm1Hry0kSc9tS+HB0H
cache-control
public, max-age=900, stale-while-revalidate=3600
x-amz-request-id
WYEMG0E9M3GQ247H
cf-ray
8db7cbfcfa381cc6-AMS
accept-ranges
bytes
content-length
76089
server
cloudflare
x-amz-server-side-encryption
AES256
ads.min.css
ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/
371 B
668 B
Stylesheet
General
Full URL
https://ads.adthrive.com/sites/651d9a4e8b79f51c580f8020/ads.min.css
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
5c6fc20bdf9fa0f8a68b8707f628acc435576a38e70e51e1271e1a61e05c2e22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cache-control
max-age=3600, s-maxage=86400
age
33725
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
371
x-amz-cf-id
cSDx91zX8OjvtHihoIjsXEEDYpw-8-PfYMeubYd3JI_SVKBrlCwqGw==
date
Thu, 31 Oct 2024 15:11:57 GMT
content-type
text/css
vary
Accept-Encoding
server
CloudFront
x-amz-cf-pop
FRA60-P3
ima3.js
imasdk.googleapis.com/js/sdkloader/
424 KB
145 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d1add29a55047caa8aa0c5a7bb25ff3fb817e8cd46c18f91c8ba54ccf64b8b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 00:34:02 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148179
date
Fri, 01 Nov 2024 00:34:02 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202410080955/
301 KB
107 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202410080955/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b031c3238b017ab0fd84b1d17c33de4892a4deaa5e6002a071feebdf98719c60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"60462d29cf50606cdda8d5057fd4de28"
age
251702
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 00:34:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 08 Oct 2024 14:01:56 GMT
vary
Accept-Encoding
x-amz-id-2
AmcH9L69M+/xWke5i86XvUmr8Ow8hoItwq4OUQWNFEdc+uSA2sj/4Y9Cg3cO2CaOe0FApLj+HvZzdKnioCQxqg==
cache-control
public, max-age=31536000
x-amz-request-id
6NYNEG3RP3HGA0JQ
cf-ray
8db7cbfd8abd1cc6-AMS
accept-ranges
bytes
content-length
109298
server
cloudflare
x-amz-server-side-encryption
AES256
collect
chat.direqt.ai/api/
2 B
490 B
Ping
General
Full URL
https://chat.direqt.ai/api/collect
Requested by
Host: chat.direqt.ai
URL: https://chat.direqt.ai/embed.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.dmnews.com/

Response headers

access-control-max-age
0
content-encoding
gzip
x-orig-accept-language
nl-NL,nl;q=0.9
access-control-allow-methods
POST, OPTIONS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-country-code
NL
x-cache
MISS
date
Fri, 01 Nov 2024 00:34:02 GMT
content-type
application/json
x-cloud-trace-context
d3a7fb6b5b745e27465284a9dbbaebac
x-served-by
cache-bru1480074-BRU
x-cache-hits
0
access-control-allow-headers
*
strict-transport-security
max-age=31556926
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
cache-control
private
x-timer
S1730421243.584396,VS0,VE184
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
function-execution-id
pgeu3hmza357
server
Google Frontend
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1072411424&t=event&_s=4&dl=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&ul=nl-nl&de=UTF-8&dt=Sekoia%20uncovers%20new%20Google%20Meet%20malware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=direqt_seen&ev=1&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1629575041.1730421241&tid=UA-120577643-1&_gid=1053760276.1730421241&gtm=457e4au0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&jsscut=1&tcfd=1000h&npa=1&z=920748176
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

age
80579
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:11:03 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
ima_ppub_config
securepubads.g.doubleclick.net/pagead/
186 B
94 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
6538ea4778fd4f97d1ee5bec3fd51f7d9549b7cdebdf2cf712393aaa125fa5c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 00:34:02 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
69
date
Fri, 01 Nov 2024 00:34:02 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
bridge3.675.2_en.html
imasdk.googleapis.com/js/core/ Frame FEBB
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.675.2_en.html?gdpr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dmnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
119631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
257591
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 15:20:11 GMT
expires
Thu, 30 Oct 2025 15:20:11 GMT
last-modified
Tue, 29 Oct 2024 18:27:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 00:34:02 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
16746
date
Fri, 01 Nov 2024 00:34:02 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
vCgiOErt
cdn.jwplayer.com/v2/playlists/
3 KB
0
Fetch
General
Full URL
https://cdn.jwplayer.com/v2/playlists/vCgiOErt?max_resolution=1280
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:4400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
cf077283a32d4fcbe2e29a31eea52bceb82e8a893878941441b8983da7a60c60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

x-robots-tag
noindex, indexifembedded
cache-control
max-age=180, max-stale=180
content-encoding
gzip
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
expires
Fri, 01 Nov 2024 00:37:02
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
959
x-amz-cf-id
eUZzXTOL-1H8KNXp9xpETRHd7TCs2ere73FLuP0W6HsffvtEqTrIcw==
date
Fri, 01 Nov 2024 00:34:02 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
FRA60-P4
server
openresty
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1771
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
1584
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 01:07:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 00:07:38 GMT
last-modified
Thu, 11 Apr 2024 19:10:13 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges
bytes
content-length
13943
x-xss-protection
0
server
sffe
i441fzmp-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/2SCwPehb/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/i441fzmp-720.jpg
68 KB
68 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/i441fzmp-720.jpg
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0c0b46b8decb3f0be2968d621748bb19e77e779f7e3c88af01a4f924c09b58a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
gzip
etag
"7aed403bf24e96fcd6e4bb4efc3be30a"
age
388
x-cache
HIT, HIT
date
Fri, 01 Nov 2024 00:34:03 GMT
last-modified
Thu, 12 Oct 2023 14:11:57 GMT
content-type
image/jpeg
x-served-by
cache-iad-kcgs7200132-IAD, cache-bru1480073-BRU
x-cache-hits
4600, 0
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
vary
Accept-Encoding
cache-control
max-age=900
x-timer
S1730421243.076852,VS0,VE84
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
69553
server
nginx
x-amz-server-side-encryption
AES256

Redirect headers

x-robots-tag
noindex, indexifembedded
cache-control
max-age=180, max-stale=180
location
https://assets-jpcust.jwpsrv.com/thumbnails/i441fzmp-720.jpg
access-control-allow-methods
GET
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
-u1VO4-LIhbfJNlzId1wSnK1776vIQaGHB4H8eKL4_0A4r6ehgggbw==
date
Fri, 01 Nov 2024 00:34:02 GMT
content-type
image/jpeg
x-amz-cf-pop
FRA60-P4
server
openresty
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
2SCwPehb.m3u8
cdn.jwplayer.com/manifests/
2 KB
776 B
XHR
General
Full URL
https://cdn.jwplayer.com/manifests/2SCwPehb.m3u8?max_resolution=1280
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:4400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
9a54e93d458b256f1001c5407bb6b861b2b1a62e793c36eec2c07443ce1f18d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

x-robots-tag
noindex, indexifembedded
cache-control
max-age=180
content-encoding
gzip
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
425
x-amz-cf-id
8hFfRsSfIVi4PA7NEaUqBgXhm5oBx9sjR0bevMY3bfflqX4NA9aHpw==
date
Fri, 01 Nov 2024 00:34:02 GMT
content-type
application/vnd.apple.mpegurl; charset=utf-8
x-amz-cf-pop
FRA60-P4
server
openresty
manifest-audio_eng=112030-video_eng=532676.m3u8
videos-cloudfront-usp.jwpsrv.com/6724caba_2368386fa07b3f7d0de799ed4db4a82db8699fe7/site/Tqfz8wBB/media/2SCwPehb/version/MB1AdnQU/manifest.ism/
878 B
1 KB
XHR
General
Full URL
https://videos-cloudfront-usp.jwpsrv.com/6724caba_2368386fa07b3f7d0de799ed4db4a82db8699fe7/site/Tqfz8wBB/media/2SCwPehb/version/MB1AdnQU/manifest.ism/manifest-audio_eng=112030-video_eng=532676.m3u8
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:8a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
68b26a2ea5eb750095163e325af3ca486453faa6a7a1668abb7508af502a8a1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

access-control-expose-headers
server,range,date,x-cdn-forward
etag
"usp-1855A384"
age
499472
x-cache
Hit from cloudfront
x-amz-cf-id
H1q83Ns-Q6ficMo7n-CDcCjL-XRizBuHYy2BGJl3Uz3GWp9EBv4NNQ==
date
Sat, 26 Oct 2024 06:56:09 GMT
content-type
application/vnd.apple.mpegurl
vary
Accept-Encoding
access-control-allow-headers
origin, range, x-cdn-forward
cache-control
max-age=2592000
timing-allow-origin
*
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
878
x-amz-cf-pop
FRA60-P9
server
Apache
manifest-audio_eng=112030-video_eng=532676-1.ts
videos-cloudfront-usp.jwpsrv.com/6724caba_2368386fa07b3f7d0de799ed4db4a82db8699fe7/site/Tqfz8wBB/media/2SCwPehb/version/MB1AdnQU/manifest.ism/
315 KB
316 KB
XHR
General
Full URL
https://videos-cloudfront-usp.jwpsrv.com/6724caba_2368386fa07b3f7d0de799ed4db4a82db8699fe7/site/Tqfz8wBB/media/2SCwPehb/version/MB1AdnQU/manifest.ism/manifest-audio_eng=112030-video_eng=532676-1.ts
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:8a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
125206f84bd34ef6f0db587b3cf6659d1c5baa6a659a45f8e05377292aa3c2c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

access-control-expose-headers
server,range,date,x-cdn-forward
etag
"usp-4A7B40B9"
age
399036
x-cache
Hit from cloudfront
x-amz-cf-id
m_ebMraNALXXf899VB3cRycj9bFajQUMQYaPAj-u7nl6NOvqLcofTQ==
date
Sun, 27 Oct 2024 09:43:27 GMT
content-type
video/MP2T
access-control-allow-headers
origin, range, x-cdn-forward
link
<manifest-audio_eng=112030-video_eng=532676-2.ts>; rel="next"
cache-control
max-age=2592000
timing-allow-origin
*
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
322232
x-amz-cf-pop
FRA60-P9
server
Apache
x-usp-info1
t=1970-01-01T00:00:00Z lookahead=2
manifest-audio_eng=112030-video_eng=1529177.m3u8
videos-cloudfront-usp.jwpsrv.com/6724caba_2368386fa07b3f7d0de799ed4db4a82db8699fe7/site/Tqfz8wBB/media/2SCwPehb/version/MB1AdnQU/manifest.ism/
887 B
1 KB
XHR
General
Full URL
https://videos-cloudfront-usp.jwpsrv.com/6724caba_2368386fa07b3f7d0de799ed4db4a82db8699fe7/site/Tqfz8wBB/media/2SCwPehb/version/MB1AdnQU/manifest.ism/manifest-audio_eng=112030-video_eng=1529177.m3u8
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:8a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
232b55b4ab443f76833daf468ccd214da125dc89070165a774cab1a7c0ecaca1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

access-control-expose-headers
server,range,date,x-cdn-forward
etag
"usp-3B5BA471"
age
465877
x-cache
Hit from cloudfront
x-amz-cf-id
OZNP0ivp9B2L-7vicLuINJVjS_WXJTljnWGBL9Yv44l0YnHjiBJecA==
date
Sat, 26 Oct 2024 16:53:38 GMT
content-type
application/vnd.apple.mpegurl
vary
Accept-Encoding
access-control-allow-headers
origin, range, x-cdn-forward
cache-control
max-age=2592000
timing-allow-origin
*
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
887
x-amz-cf-pop
FRA60-P9
server
Apache
manifest-audio_eng=112030-video_eng=1529177-2.ts
videos-cloudfront-usp.jwpsrv.com/6724caba_2368386fa07b3f7d0de799ed4db4a82db8699fe7/site/Tqfz8wBB/media/2SCwPehb/version/MB1AdnQU/manifest.ism/
932 KB
933 KB
XHR
General
Full URL
https://videos-cloudfront-usp.jwpsrv.com/6724caba_2368386fa07b3f7d0de799ed4db4a82db8699fe7/site/Tqfz8wBB/media/2SCwPehb/version/MB1AdnQU/manifest.ism/manifest-audio_eng=112030-video_eng=1529177-2.ts
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:8a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
2d7576e8807e9aad27eb268777f092db2e9a0b78b5bf339794a6b1e3433a633a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

access-control-expose-headers
server,range,date,x-cdn-forward
etag
"usp-3784E081"
age
500324
x-cache
Hit from cloudfront
x-amz-cf-id
7pFmMegZTfykQmqbM98JNlonHwsPfZR0vEDbJsziKZxdNqLggUzNpQ==
date
Sat, 26 Oct 2024 05:35:19 GMT
content-type
video/MP2T
access-control-allow-headers
origin, range, x-cdn-forward
link
<manifest-audio_eng=112030-video_eng=1529177-3.ts>; rel="next"
cache-control
max-age=2592000
timing-allow-origin
*
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
953912
x-amz-cf-pop
FRA60-P9
server
Apache
x-usp-info1
t=1970-01-01T00:00:04Z lookahead=2
manifest-audio_eng=112030-video_eng=1529177-3.ts
videos-cloudfront-usp.jwpsrv.com/6724caba_2368386fa07b3f7d0de799ed4db4a82db8699fe7/site/Tqfz8wBB/media/2SCwPehb/version/MB1AdnQU/manifest.ism/
1 MB
1 MB
XHR
General
Full URL
https://videos-cloudfront-usp.jwpsrv.com/6724caba_2368386fa07b3f7d0de799ed4db4a82db8699fe7/site/Tqfz8wBB/media/2SCwPehb/version/MB1AdnQU/manifest.ism/manifest-audio_eng=112030-video_eng=1529177-3.ts
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3e2371f/es2018/js/adthrive.min.js?deployment=2024-10-31-01:adv-458:pr5537:3e2371f:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,optimalBidders,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,ttdSync,optableLoad&siteid=651d9a4e8b79f51c580f8020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:8a00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
6ffccd15f4abf9c89d9c9368a658282e6fc6e9698afe30cc6a1a6629626dac56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

access-control-expose-headers
server,range,date,x-cdn-forward
etag
"usp-F9FF5874"
age
36617
x-cache
Hit from cloudfront
x-amz-cf-id
p3quG3l3k-fnIgkYmuSZxeiyygeSTpXFLGfEFLW4jbrqho3-Ykri7Q==
date
Thu, 31 Oct 2024 15:15:49 GMT
content-type
video/MP2T
vary
Accept-Encoding
access-control-allow-headers
origin, range, x-cdn-forward
link
<manifest-audio_eng=112030-video_eng=1529177-4.ts>; rel="next"
cache-control
max-age=2592000
timing-allow-origin
*
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1206584
x-amz-cf-pop
FRA60-P9
server
Apache
x-usp-info1
t=1970-01-01T00:00:08Z lookahead=2
bV8xLndfODY2ODUucl9HRFBSLmxfZW4uZF8zNDI5My54XzkyLnYucC50XzM0MjkzLnh0Xzc0.js
cdn.consentmanager.net/delivery/customdata/
127 KB
0
Script
General
Full URL
https://cdn.consentmanager.net/delivery/customdata/bV8xLndfODY2ODUucl9HRFBSLmxfZW4uZF8zNDI5My54XzkyLnYucC50XzM0MjkzLnh0Xzc0.js
Requested by
Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?&cdid=aa95c00731726&h=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&&__cmpfcc=1&l=en&ls=EN_EN_NL&lp=EN-US&o=1730421241101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
db526b90d4ebbf1149ae69edca30e6a10cea34fb6b25691fb71639e045ebaab5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

content-encoding
gzip
x-77-cache
HIT
expires
Fri, 01 Nov 2024 01:04:02 GMT
date
Fri, 01 Nov 2024 00:34:04 GMT
edge-control
public, max-age=1800
content-type
text/javascript; charset=utf-8
x-77-nzt-ray
0d1fa51870658a79f9212467cf11d70c
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 00:34:02 GMT
x-77-nzt
EgwBJRPCTwGzCAcAAAwBJRPCMQG3/v///w
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-xss-protection
0
x-77-age
-2
server
CDN77-Turbo
/
b.delivery.consentmanager.net/delivery/info/
43 B
340 B
Image
General
Full URL
https://b.delivery.consentmanager.net/delivery/info/?id=86685&did=1&cfdid=1&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&o=1730421244352&l=EN&lv=105993&d=1&ct=14&e=&e2=&e3=&i=&sv=74&dv=92&
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.78 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ds87-230-98-78.dedicated.psmanaged.com
Software
/
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin
*
content-length
43
date
Fri, 01 Nov 2024 00:34:04 GMT
edge-control
no-store, no-cache, must-revalidate
last-modified
Fri, 01 Nov 2024 00:34:04 GMT
x-xss-protection
0
content-type
image/gif
/
b.delivery.consentmanager.net/delivery/info/
43 B
340 B
Image
General
Full URL
https://b.delivery.consentmanager.net/delivery/info/?id=86685&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&o=1730421244353&l=EN&lv=105993&d=1&ct=14&e=&e2=&e3=&i=&sv=74&dv=92&
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.78 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ds87-230-98-78.dedicated.psmanaged.com
Software
/
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin
*
content-length
43
date
Fri, 01 Nov 2024 00:34:04 GMT
edge-control
no-store, no-cache, must-revalidate
last-modified
Fri, 01 Nov 2024 00:34:04 GMT
x-xss-protection
0
content-type
image/gif
en.gif
cdn.consentmanager.net/delivery/flags/
384 B
725 B
Image
General
Full URL
https://cdn.consentmanager.net/delivery/flags/en.gif
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

x-77-age
8423962
x-77-nzt
EgwBJRPCTwH3GoqAAAwB1GY4EQH3/wIAAA
cache-control
max-age=31536000
etag
"180-5c4c0aa828a40"
x-77-cache
HIT
expires
Sat, 26 Jul 2025 12:21:55 GMT
accept-ranges
bytes
x-77-pop
frankfurtDE
content-length
384
date
Fri, 01 Nov 2024 00:34:04 GMT
edge-control
max-age=2592000
content-type
image/gif
last-modified
Mon, 14 Jun 2021 21:37:37 GMT
x-77-nzt-ray
0d1fa51870658a79fc21246791ffa317
server
CDN77-Turbo
get-shares
www.dmnews.com/wp-json/social-share/v1/
194 B
969 B
XHR
General
Full URL
https://www.dmnews.com/wp-json/social-share/v1/get-shares?ids=facebook%2Ctwitter%2Cpinterest&post_id=107989&url=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fffe83ed7ff8233380473e9c9559c1c429011da48744707ccd1777586d5d347
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-cache-2
BYPASS
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IbHkyZkaOIxp3alCFRAoKlukklTyoZEPg2t9QSaBB0iVR2OKK%2BFp6KNVUcZWmX50U1RmGMWT8UDQznlrSglnNDp00iEUT8G3vMBT98mfS%2B6KOOA1k2Z035zQxVU%2FyS9jSg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
BYPASS
server-timing
cfL4;desc="?proto=QUIC&rtt=16645&sent=544&recv=187&lost=19&retrans=19&sent_bytes=568913&recv_bytes=40513&delivery_rate=30988&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=4645&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:04 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Cookie, Origin
priority
u=1,i
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link
<https://www.dmnews.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
allow
GET
cf-ray
8db7cc098a880e31-AMS
server
cloudflare
get-shares
www.dmnews.com/wp-json/social-share/v1/
194 B
976 B
XHR
General
Full URL
https://www.dmnews.com/wp-json/social-share/v1/get-shares?ids=facebook%2Ctwitter%2Cpinterest&post_id=107989&url=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fffe83ed7ff8233380473e9c9559c1c429011da48744707ccd1777586d5d347
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-cache-2
BYPASS
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fMWZlPNkkH%2F%2FvesF65X%2B6F5%2FzBrRYrXJuRbudoUVr5nRYK6PKbBGRRByJpP2UJej4MZsGuerXPtqGktzrYM3SDDcQfBZiMLOSDR2FzD%2BIHxN1oK7hzkq7%2FzSWDkXHc3aLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
BYPASS
server-timing
cfL4;desc="?proto=QUIC&rtt=16386&sent=547&recv=189&lost=19&retrans=19&sent_bytes=570928&recv_bytes=41346&delivery_rate=8329&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=5031&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:05 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Cookie, Origin
priority
u=1,i
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link
<https://www.dmnews.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
allow
GET
cf-ray
8db7cc0bdc0e0e31-AMS
server
cloudflare
get-shares
www.dmnews.com/wp-json/social-share/v1/
194 B
975 B
XHR
General
Full URL
https://www.dmnews.com/wp-json/social-share/v1/get-shares?ids=facebook%2Ctwitter%2Cpinterest&post_id=107989&url=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fffe83ed7ff8233380473e9c9559c1c429011da48744707ccd1777586d5d347
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-cache-2
BYPASS
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UmIyMK0KoGlrrZmW%2FWKTik%2B%2F9VkHijtQgREKRPGAJDzZTDAiSqw09%2Bbd3QapDIL%2FH3u0T%2BlfKJEnyrlqPe4hqBQ6pxSn%2BPPmlpcRjH983%2FWKm6JlSmzc6v1hSJJXv1TtMw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
BYPASS
server-timing
cfL4;desc="?proto=QUIC&rtt=16233&sent=549&recv=190&lost=19&retrans=19&sent_bytes=571953&recv_bytes=42134&delivery_rate=55811&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=5349&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:05 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Cookie, Origin
priority
u=1,i
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link
<https://www.dmnews.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
allow
GET
cf-ray
8db7cc0e3e000e31-AMS
server
cloudflare
get-counts
www.dmnews.com/wp-json/social-counts/v1/
203 B
973 B
XHR
General
Full URL
https://www.dmnews.com/wp-json/social-counts/v1/get-counts?ids=facebook%2Ctwitter%2Clinkedin
Requested by
Host: www.dmnews.com
URL: https://www.dmnews.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60479d02c34eeb8c604d09be889a9319b42c6099cc579af275d060328e57f013
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-cache-2
BYPASS
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYRNsBzWrXcLfesYc5rgdQtdImrd51%2BPHwdEcjgTGZk1Km%2BGgWTRbd1640BUgnHGR6tBaUbMC08jhb0TFQhZMuhBBvWX6aJ5LwBiW9UQko1MvdsO9ENxBVUmyABjbdkY9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
BYPASS
server-timing
cfL4;desc="?proto=QUIC&rtt=16494&sent=546&recv=188&lost=19&retrans=19&sent_bytes=569931&recv_bytes=41301&delivery_rate=55132&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=4763&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:04 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Cookie, Origin
priority
u=1,i
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link
<https://www.dmnews.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
allow
GET
cf-ray
8db7cc099a8d0e31-AMS
server
cloudflare
favicon-32x32-1.png
images.dmnews.com/wp-content/uploads/2021/10/
664 B
1 KB
Other
General
Full URL
https://images.dmnews.com/wp-content/uploads/2021/10/favicon-32x32-1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35fda183ef35133c70746f776fb06fe602372d362792df113880978eb382a685

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dmnews.com/

Response headers

cf-cache-status
HIT
x-amz-version-id
3o4CjUCpdsRsC1MLzGvvSoeo9tkXEF.L
etag
"8c07ab61ddbf979b0270307f344aa05e"
age
58223
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rPKqn8kbsipc3Z7KvYm1lBs%2BgWuUSbnl9OOkydUhfPJlfjPuf6b9deoxRZiIfwKIZ%2FGfsyjkPgjQ%2FwYQFITfw5Wv7XyKRMdRRoogIOVRAYiaT%2B6%2Fj1SKXENbQdlo7GCJrjlvTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 01 Nov 2022 20:32:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16867&sent=542&recv=186&lost=19&retrans=19&sent_bytes=567345&recv_bytes=40468&delivery_rate=2217209&cwnd=82740&unsent_bytes=0&cid=aaf796c0f0ee276c&ts=4332&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 00:34:04 GMT
content-type
image/png
last-modified
Mon, 01 Nov 2021 20:32:49 GMT
vary
Accept-Encoding
priority
u=1,i
x-amz-id-2
rK9NSZEAtzfJu0Tg7JVm+nzZUWdg0RtepyeT3f4Cd0chaPRdIlJG62z/UltaVbO97cE1pA3XIVI=
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PYBHHEE79WWT6HNH
cf-ray
8db7cc09ba9d0e31-AMS
accept-ranges
bytes
content-length
664
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CLD7YEG2WF&gtm=45je4au0v9122472941za200&_p=1730421240813&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=1000h&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=1629575041.1730421241&ul=nl-nl&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&sid=1730421241&sct=1&seg=0&dl=https%3A%2F%2Fwww.dmnews.com%2Fsekoia-uncovers-new-google-meet-malware%2F&dt=Sekoia%20uncovers%20new%20Google%20Meet%20malware&_s=2&tfd=6731
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CLD7YEG2WF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.dmnews.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.dmnews.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 00:34:06 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.dmnews.com
URL
blob:https://www.dmnews.com/04356f8c-1061-466a-9fac-dbdbab4c5a02

254 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


9 Cookies

Domain/Path Name / Value
www.dmnews.com/ Name: __adblocker
Value: false
.dmnews.com/ Name: _ga
Value: GA1.2.1629575041.1730421241
.dmnews.com/ Name: _gid
Value: GA1.2.1053760276.1730421241
.dmnews.com/ Name: _gat_gtag_UA_120577643_1
Value: 1
.dmnews.com/ Name: _ga_CLD7YEG2WF
Value: GS1.1.1730421241.1.0.1730421242.0.0.0
gpsb-reims.criteo.com/ Name:
Value: Partitioned
.dmnews.com/ Name: __cmpconsentx86685
Value: CQHaHdgQHaHdgAfKtBENBOFgAAAAAEPgAAigAAATpgYgAIAAWAA4ACoAFwAOAAeABAACQAGQANAAcAA8ACIAEcAJgAUgAqgBoAD0AH4AQgAjgBOADAAGUANEAcgA5wB3AD9gIOAhABFgCfgGvAOIAdQA7YB7QD_gJiAUOAqUBeYDJAGWAPkAfuBOkAA.YAAACHwAAAA
.dmnews.com/ Name: __cmpcccx86685
Value: aBQHaVPbAAAAAAA
www.dmnews.com/ Name: _color_system_schema
Value: default

1 Console Messages

Source Level URL
Text
rendering warning URL: https://www.dmnews.com/sekoia-uncovers-new-google-meet-malware/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A020DC03E4220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
