0.bluelitetoday.com Open in urlscan Pro
2606:4700:3031::6815:231b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/
Effective URL:
https://0.bluelitetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=scars&sub3=jekitass5
Submission: On August 05 via api (August 5th 2024, 10:13:06 am UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 52 HTTP transactions. The main IP is 2606:4700:3031::6815:231b, located in United States and belongs to CLOUDFLARENET, US. The main domain is 0.bluelitetoday.com.
TLS certificate: Issued by WE1 on July 17th 2024. Valid for: 3 months.

This is the only time 0.bluelitetoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3031::ac43:9723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::6815:2975	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:400:e:f20a:1f00:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3033::ac43:a717	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3031::6815:231b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	10

19 2606:4700:3031::ac43:9723 (United States)

ASN13335 (CLOUDFLARENET, US)

www.allhackernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-files.allhackernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:2975 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rdntocdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

flow.recordsbluemountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:400:e:f20a:1f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.iflychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

gogo.recordsbluemountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:a717 (United States)

ASN13335 (CLOUDFLARENET, US)

away.taskscompletedlists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::6815:231b (United States)

ASN13335 (CLOUDFLARENET, US)

bluelitetoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.bluelitetoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	allhackernews.com www.allhackernews.com static-files.allhackernews.com	362 KB
7	gstatic.com fonts.gstatic.com	193 KB
4	bluelitetoday.com bluelitetoday.com 0.bluelitetoday.com	15 KB
3	taskscompletedlists.com away.taskscompletedlists.com Failed	2 KB
2	recordsbluemountain.com flow.recordsbluemountain.com gogo.recordsbluemountain.com	18 KB
1	iflychat.com cdn.iflychat.com	948 B
1	rdntocdns.com cdn.rdntocdns.com — Cisco Umbrella Rank: 314312	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	3 KB
0	google-analytics.com Failed www.google-analytics.com Failed
52	9

	Domain	Requested by
16	static-files.allhackernews.com	www.allhackernews.com static-files.allhackernews.com
7	fonts.gstatic.com	fonts.googleapis.com
3	away.taskscompletedlists.com	gogo.recordsbluemountain.com
3	www.allhackernews.com	www.allhackernews.com static-files.allhackernews.com
2	0.bluelitetoday.com	www.allhackernews.com
2	bluelitetoday.com
1	gogo.recordsbluemountain.com	flow.recordsbluemountain.com
1	cdn.iflychat.com	static-files.allhackernews.com
1	flow.recordsbluemountain.com	www.allhackernews.com
1	cdn.rdntocdns.com	www.allhackernews.com
1	fonts.googleapis.com	www.allhackernews.com
0	www.google-analytics.com Failed	static-files.allhackernews.com
52	12

This site contains no links.

Subject Issuer	Validity	Valid
allhackernews.com WE1	`2024-06-23` - `2024-09-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
rdntocdns.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
recordsbluemountain.com WE1	`2024-07-17` - `2024-10-15`	3 months	crt.sh
*.iflychat.com Amazon RSA 2048 M02	`2024-02-22` - `2025-03-22`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
taskscompletedlists.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
bluelitetoday.com WE1	`2024-07-17` - `2024-10-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://0.bluelitetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=scars&sub3=jekitass5
Frame ID: C71F243CBCBED91CEDD3CE10BE861C75
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

captcha

Page URL History Show full URLs

https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/ Page URL
https://away.taskscompletedlists.com/tyierrtt Page URL
https://away.taskscompletedlists.com/7MjvR5 Page URL
https://bluelitetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=scars&sub3=jekitass5 Page URL
https://0.bluelitetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=scars&sub3=jekitass5 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

52
Requests

73 %
HTTPS

100 %
IPv6

9
Domains

12
Subdomains

10
IPs

2
Countries

611 kB
Transfer

2067 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/ Page URL
https://away.taskscompletedlists.com/tyierrtt Page URL
https://away.taskscompletedlists.com/7MjvR5 Page URL
https://bluelitetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=scars&sub3=jekitass5 Page URL
https://0.bluelitetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=scars&sub3=jekitass5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://allhackernews.com/wp-content/uploads/2018/02/logo-300x84.png HTTP 301
https://www.allhackernews.com/wp-content/uploads/2018/02/logo-300x84.png

52 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/ 126 KB
23 KB 495ms
460ms Document
text/html 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b3a5533feba36a38c4bb143162129d67b9d0ab2a729d5c9c8c1b563153dc9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ae602e299ff662d-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 05 Aug 2024 10:12:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Mon, 05 Aug 2024 10:12:52 GMT
link: <https://www.allhackernews.com/wp-json/>; rel="https://api.w.org/" <https://www.allhackernews.com/wp-json/wp/v2/posts/3974>; rel="alternate"; type="application/json" <https://www.allhackernews.com/?p=3974>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27pnq9nwV3hVjclQqopwVcMGVkyjHNT%2F48pB1vOQG5eEsKrGdYNkO8q4oHf5CBZ3wqunFwP65AdjbrkLK4qzb%2FxQrnnhsg5lLkHzlYdTkYsf9VQJik6kmL0rPiTwuPlv%2BFzvhyDhuLWaYtU320Gfps6NYi0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-pingback: https://www.allhackernews.com/xmlrpc.php

GET
H3 200 style.min.css
static-files.allhackernews.com/wp-includes/css/dist/block-library/ 111 KB
15 KB 786ms
771ms Stylesheet
text/css 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:53 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 May 2024 18:42:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663d190a-1bae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARyu70UZ2pfZ9%2Bz%2BCgVKBWMz5XoBVcHjZYwYDcbR9Q1sf%2BEmwXS%2FcIVl3tIegdTaMWPdTE8UlmbEcfYKEcpy%2FJU1XhWLNC1Cji5M3CIopkIaLjvKfEREE%2FW31AtLuxGJ4P3gtkMesXnIoZXnTLFlR5QrhoRB52Me%2B5kUx%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602e5cd08662d-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 styles-eaaa54a9fb1a14d21dae836b32cf5e8e.css
static-files.allhackernews.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 256ms
242ms Stylesheet
text/css 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/styles-eaaa54a9fb1a14d21dae836b32cf5e8e.css

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:52 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2342
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 26 Mar 2023 21:08:39 GMT
server: cloudflare
etag: W/"6420b457-926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xSFocVA4j8eKct6J%2B1SlOKFsONbSDpbBpT7ga%2BR1%2B2hT7Sbe8stHKi%2Fk0WJWD6hhSjA264pz8F2ZOunrqQnQGIo6gnSGxuTn9lSmiJl9PuXV2JIEla3uLZyG2wUFsQUlIxHOGN3F9bcya1Ydv%2BtV6gq0Ou4P9iIDwGKLaJg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602e5cd09662d-AMS

GET
H2 200 css
fonts.googleapis.com/ 52 KB
3 KB 78ms
20ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.5.1&display=swap

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03c3e8b021e9d60a996c86831500fa20109333881eb43edc64aa40ce4a1a7e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Aug 2024 10:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Aug 2024 10:12:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Aug 2024 10:12:52 GMT

GET
H3 200 style-9f4d1ed1823e30fb0f8015b85b4d505f.css
static-files.allhackernews.com/wp-content/cache/min/1/wp-content/themes/Newspaper/ 803 KB
93 KB 242ms
228ms Stylesheet
text/css 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-content/cache/min/1/wp-content/themes/Newspaper/style-9f4d1ed1823e30fb0f8015b85b4d505f.css

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9534368c7599ff634a276b46679aaef4d0e8eea9d18d259694e07b3b161c216c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:52 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=826161
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 26 Mar 2023 21:08:40 GMT
server: cloudflare
etag: W/"6420b458-c9b31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VNEtJN3176ZRYTpIAF%2FMZT8tuAUjtO2byGBWIT43pH7mT9oA%2BMx7BP2bHSpU8snq25DaC4KYx1MNyO8IBcFkWnRZCsfYtl7Teasim4wnl40SwRG1V9KAtqhMEGgyMqj%2B6SfDzeyt6ipqsp3B1rMOsQo5hBHOeyQU5m%2BHuwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602e5ccfd662d-AMS

GET
H3 200 jquery.min.js Show response
static-files.allhackernews.com/wp-includes/js/jquery/ 86 KB
31 KB 826ms
813ms Script
application/javascript 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:53 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Nov 2023 20:37:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65610997-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LCRA2oo5zZYiHlY2I8mwufE4hScx%2BpJxDr39Jp9vYniwdlBwjL%2FT12V2AXNplVhn3KvQEAFiQnKafAIEKQ2bLn0dbk1KPA3T%2B%2Ft%2BtYMx%2BXeGHLkdgtEom0gzdNLkwnJ3u0Vh%2BTfSOedsc4n%2Bi%2B2wno%2FEPUCIQSrDiD5X0xU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602e5cd05662d-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
static-files.allhackernews.com/wp-includes/js/jquery/ 13 KB
5 KB 770ms
757ms Script
application/javascript 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:53 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Nov 2023 20:37:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65610997-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7vyQefSXdPEAPyiIAkI%2BUCCGqi3jl1D5rOc1XyK%2F%2BLCgHRvAFPy6f%2FnfwWWiZwghReYwOa7a8jAIfThwkZVHwEhcOEdDDc5zJBxGINAEFwnsdjaBzVV3xyBW8PF34wr9ENZ7eqEfqlZLyxHgECU7VeUQm%2BpwH%2FujTklsUtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602e5cd02662d-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 gtm-c1f26b2dd83dc58794d82d3271634cdc.js
static-files.allhackernews.com/wp-content/cache/busting/1/ 233 KB
80 KB 774ms
773ms Script
application/javascript 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-content/cache/busting/1/gtm-c1f26b2dd83dc58794d82d3271634cdc.js

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:54 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=239240
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 03 Feb 2023 17:14:33 GMT
server: cloudflare
etag: W/"63dd40f9-3a688"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=acWwZMIrVuDPIgUrkZogjmePuDEb%2FttCQWMxrVpYWN8PJb7N2aHxzGSNejhY72ujjCcZMJi71l5I9%2BVevnDLnB3cDJG5NVbqI9ufKHt2HepYht8A4EnCo25fl8Y3vixgStY2HPQlG0aOQBimLSsgPJJwFpaTNsWLJQR8z%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602ec3b2c662d-AMS

GET
H3 200 sold-89842af3bef2239558f87cc9c0857181.js Show response
static-files.allhackernews.com/wp-content/cache/min/1/scripts/ 70 KB
24 KB 229ms
216ms Script
application/javascript 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-content/cache/min/1/scripts/sold-89842af3bef2239558f87cc9c0857181.js

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac68ff3acee571333344cf315744789d546aebf8e05f46068f901d0934ddcc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:52 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Aug 2024 10:23:51 GMT
server: cloudflare
etag: W/"66ab6237-11986"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4LWfU31Fxt0bgSD8AH7NTdPdtxtY8EpuelByob0AcwRapgc%2F4ByBSfB6NyuCftu4EeaED%2Bxfekj5Byn3Ni%2BGBKSgpPdVphAYZgwMfsqhQNyMlA4amvVV9hASeIWCbT34sTCZjir%2BCoeDrWO04qmfS0%2Bfv7uCVJ3EwpmF7u0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602e5cd03662d-AMS

GET
H3 200 email-decode.min.js Show response
www.allhackernews.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 16ms
16ms Script
application/javascript 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.allhackernews.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:52 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
last-modified: Tue, 30 Jul 2024 21:56:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"66a9617e-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2MzkHUD%2BMVAGwFPSY4Wi45NBhvSjJf2pTvHkyGZLVClG6h%2FQWkvAikZa9U1Iqny9JldenzGSKT88abOTLEKlU232XyD3%2Bqc9m%2Fln2GzES7MXGlWkNypTZ2qvqzLw6K0O%2Bk3thpEILX0xretxnrp7DgfoCu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8ae602e65d95662d-AMS
expires: Wed, 07 Aug 2024 10:12:52 GMT

GET
H3 200 iflychat-8a6f41a1c9773d104ca85c5fbdd5e759.js Show response
static-files.allhackernews.com/wp-content/cache/min/1/wp-content/plugins/iflychat/js/ 3 KB
2 KB 724ms
724ms Script
application/javascript 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-content/cache/min/1/wp-content/plugins/iflychat/js/iflychat-8a6f41a1c9773d104ca85c5fbdd5e759.js

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e852727c3bdfe06d3b2bb8155ad7f27b95b281fbb8d37eca3da1d39816b01c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:53 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 26 Mar 2023 21:08:40 GMT
server: cloudflare
etag: W/"6420b458-b9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ifCjWr9EGKMKxgkI89Oza3koMPwCTjGdptB1Cvc5KgVEJFU38pKxTFeLUZ9kfQckIt9SHaRK5BUWZMlwO4UQ2nc8NKmZI2oJCxOjfhA4RqOw8yVyTWfqGvK8A%2B17TCBO2WrnVaWw7WwjMsX5K8FtwK04qUC70h4zBFVpXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602e65d96662d-AMS

GET
H3 200 index-9cec93ff195fb81d248de04b75cf2d32.js Show response
static-files.allhackernews.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 231ms
230ms Script
application/javascript 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/swv/js/index-9cec93ff195fb81d248de04b75cf2d32.js

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d804ea56219fb201a483d39fb46878e9dd724b72230a8b977ab1f16f896c370c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:53 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 26 Mar 2023 21:08:40 GMT
server: cloudflare
etag: W/"6420b458-2800"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jucfnSIrx%2Bvb10VJGSkZdSJ%2B6sogXT6ymJdIiMG2b46tHtk8G4yEbGVGGpqUCrBJ6VQM%2BLO1RF8bfVEoOHK6mB5wpkY%2BEFK%2F5h5hrPBQbB57RQINhRBfN2SDTW1KavJIIiblTKEfdTmlKlc1iA62325u9NtnVVxSIE2hPN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602e65d97662d-AMS

GET
H3 200 index-4a0f5b3cbebdadd8b2b7b7cd0576f4c1.js Show response
static-files.allhackernews.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 576ms
576ms Script
application/javascript 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/js/index-4a0f5b3cbebdadd8b2b7b7cd0576f4c1.js

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4af9dac8fb9b63a0212749b1d6a4466fab62ba560c630c71b378c1fcde550797

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:53 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 26 Mar 2023 21:08:40 GMT
server: cloudflare
etag: W/"6420b458-328e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCG4%2BnpViQ9%2Bnf6UryKYDque7si474UUgsJD3%2BVS%2FOCnutOjWDH%2Bwhf2%2BLxki7L51iaM%2BQPg%2Ftek3zChw4H6l0ZfcqPiSAYeTQIvslyHvS79jDsNFvx8HWX1pvu6Tdp1dSMMJJMwBInQZB6XePcFRYodv3QsKO0A0D06iZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602e65d98662d-AMS

GET
H3 200 tagdiv_theme.min.js Show response
static-files.allhackernews.com/wp-content/themes/Newspaper/js/ 201 KB
49 KB 736ms
736ms Script
application/javascript 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=8.5.1

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf3fd5760176d67bfd5fbdefc9cfa17babd0df1dd0a5d4e3c21c5784ad75be9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:53 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Feb 2018 14:23:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5a9023d7-32331"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0rOF3FdGtoitzYw4htOC4PZxPIYxaaiWj5ihQ%2B4nzUnETCMHj%2FcwWCfmANoBfURgmpR%2BHOq9%2B6%2FwE77E5FvMBHrkMcRZg7An7gFO5kwXTFg50NnE%2BDTD28HjrY2R80VJpd4cKxPnNmU5PsF8IatJGpp7kmIinuavCDChKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602e66d9f662d-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 comment-reply.min.js
static-files.allhackernews.com/wp-includes/js/ 3 KB
2 KB 754ms
753ms Script
application/javascript 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-includes/js/comment-reply.min.js?ver=6.5.5

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:54 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 25 Jun 2022 20:06:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62b76adb-ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yuIqBU0LwbriybAboDEWIvWRGU%2FCTl3bjAIGCUq2Map9DL3Srr%2FaeK8WKNqcNxo54EX0uaOFYF7lJi7qBp38cnl30Wg%2B70FRTSkJgZYIDSz6lmZYhBggTvr%2F20lIYyteSJAucNVF%2BhkclcCgObt9ulXUy3BcAjk0qwmNyZk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602ec3b2f662d-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 akismet-frontend-705648967acaa94f1105bd8abad09f01.js Show response
static-files.allhackernews.com/wp-content/cache/min/1/wp-content/plugins/akismet/_inc/ 6 KB
2 KB 219ms
218ms Script
application/javascript 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-content/cache/min/1/wp-content/plugins/akismet/_inc/akismet-frontend-705648967acaa94f1105bd8abad09f01.js

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

398472186bb1ae9e295e8f469e10d896567b2f88b01eadefba4425e067737b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:53 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 26 Mar 2023 21:11:02 GMT
server: cloudflare
etag: W/"6420b4e6-16b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZHMT8u7ui0na1q%2Fqd8fQfyZWpEiaMDnDkjbq4UotxR%2BGR4pTu3hN2wp1oRTg6LfWPL6QXhxjXP2ujzPfyuhuVM%2Fz7dqUu%2BdAaugJ5rFjPK4GjC75%2FpbT7i6KPbPOzvZ8sTpWOuikr3wXbr%2B2q8RRD9TQmx4gEcMk0HrqGOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602ec3b33662d-AMS

GET
H3 200 lazyload.min.js
static-files.allhackernews.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 729ms
728ms Script
application/javascript 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-files.allhackernews.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js

Requested by

Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:54 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Dec 2020 15:37:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5fe4b5d6-1ed2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xACZMtPlm7BziicFnqsVVkNFtNdxrwM3qnO0vw6kHkPQJKQO82wE0It%2FP9Uekta1ki%2FZJXDplmRz5UjDU1BrppsRwxZMbnuxgmVGnyfsg5FgEjOf5xd8dAjFtJWWbOQdDnz1JzGO6B7l2AdOMzPveQLh8%2B0sB6zy%2F%2FlKps%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 8ae602ec3b35662d-AMS
alt-svc: h3=":443"; ma=86400

POST
H3 200 rthrttu.php Show response
cdn.rdntocdns.com/ 40 KB
17 KB 95ms
46ms XHR
application/javascript 2606:4700:3031::6815:2975
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rdntocdns.com/rthrttu.php
Requested by: Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c640426ed18756f3f7916e9fff39e857812da9e9183d4195f5e4e072c63820f4

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 05 Aug 2024 10:12:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4cTXEkBcVrsBh13qU4lOthMBRC26avvJoDUJ8uyv7PtUp%2BFh7uIKLEwu8NhnLh7%2Bhk74TIwkMnkCiCmkWkf2puXozW2%2FBFl3spVcRSo0zsr3NlqMPcU%2FlIc3rre9E3aukC7KPKTgd8l947iyf2VW9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ae602eb8dd59f84-AMS
access-control-allow-headers: X-Requested-With
content-length: 16507
alt-svc: h3=":443"; ma=86400

GET
H3 200 tKWSNy Show response
flow.recordsbluemountain.com/ 29 KB
13 KB 266ms
244ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flow.recordsbluemountain.com/tKWSNy?q=www.allhackernews.com
Requested by: Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5c9ffea0ee03e55806cf0d8a4a4ec302ac3e9d2b41c1c4d8b979681a0c7b2b57

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PdKs7LLi1SjjRZjKCbvozeXTl%2BdQ6aUSF7arSxyen%2FL456CSXRyjkwrZUqqqrxuYZ26vhP%2BnjCOLldrS1HLoGAc73U72x3j2PWnqwnqboOwnW6kihaVccHDvZFSjC0%2FwnhdlPVnat2LD2GLChLErQyaPD46A6qkt8mpD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8ae602ec59249725-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Aug 2024 10:12:53 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8665d6674f470e9eab24d720e2887c5579a554f2241f340ad6bafae8b4c6f089

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c3cb71138ba89f1cf2419b37b83b35f896ec41631b116926520ae31541fd9bb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0ea2fa35271c78084c0244430b865af459ba144154779a691b70fedb0a3f0e8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 iflychat-v2.min.js Show response
cdn.iflychat.com/js/ 2 KB
948 B 60ms
11ms Script
application/javascript 2600:9000:2057:400:e:f20a:1f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iflychat.com/js/iflychat-v2.min.js?app_id=f4e8cad2-dae6-44ff-baa2-eb759b31b467
Requested by: Host: static-files.allhackernews.com
URL: https://static-files.allhackernews.com/wp-content/cache/min/1/wp-content/plugins/iflychat/js/iflychat-8a6f41a1c9773d104ca85c5fbdd5e759.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:e:f20a:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / iflylabs
Resource Hash: afda15de6bd67606a636bf4d909595afdff70e37085259ed41bffef59713b770

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:09:47 GMT
content-encoding: gzip
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 186
x-powered-by: iflylabs
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=480
x-amz-cf-id: 8byQbtH3kheOUBCEp03e6P21EZ1KbMiSqGYBvFUZ3cYX2KYJfIfdrA==

GET elements.png
static-files.allhackernews.com/wp-content/themes/Newspaper/images/sprite/ 0
0

GET newspaper.woff
static-files.allhackernews.com/wp-content/themes/Newspaper/images/icons/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.5.1&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allhackernews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:56:39 GMT
x-content-type-options: nosniff
age: 501374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 14:56:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 36ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allhackernews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:49:34 GMT
x-content-type-options: nosniff
age: 307399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:49:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 45ms
25ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allhackernews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:50:35 GMT
x-content-type-options: nosniff
age: 307338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:50:35 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 22 KB
22 KB 48ms
28ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allhackernews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 17:11:08 GMT
x-content-type-options: nosniff
age: 493305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22432
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 17:11:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 39ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allhackernews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:49:34 GMT
x-content-type-options: nosniff
age: 307399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:49:34 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 41ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allhackernews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:47:31 GMT
x-content-type-options: nosniff
age: 1522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Aug 2025 09:47:31 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 36ms
17ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allhackernews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:57:28 GMT
x-content-type-options: nosniff
age: 306925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20144
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:57:28 GMT

POST
H3 200 admin-ajax.php Show response
www.allhackernews.com/wp-admin/ 10 B
629 B 226ms
223ms XHR
text/html 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.allhackernews.com/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=8.5.1

Requested by

Host: static-files.allhackernews.com
URL: https://static-files.allhackernews.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

493577fa7e2db4792e3c9f57bac2490c8b6197f802f3e4c9702d20e6032fee0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 05 Aug 2024 10:12:54 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.allhackernews.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UaZbk8Enh%2BmAMquTpcRD9qI%2FQwaV4KPl65c6%2FtAv2aFXBKF37JSPLh2o3XiF238jo3F3hXlUU1KIQ82EzKwVABDc4BpnHssZs1o51CvJd8gDsAWicP%2FGG99yv2bZI51ffieMMo3VpUjgb8nNaMQCIMkJpI0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 8ae602edbcda662d-AMS
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 zbLzKF Show response
gogo.recordsbluemountain.com/ 11 KB
5 KB 306ms
258ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gogo.recordsbluemountain.com/zbLzKF
Requested by: Host: flow.recordsbluemountain.com
URL: https://flow.recordsbluemountain.com/tKWSNy?q=www.allhackernews.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 49a03cffa9784b08b9d801dc162e3286580e5bf3bdc8c72635c8712162d52a67

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5gA6hB8G1l1yxJUPdeA3Og%2B4apYjyENtC8l9mJpfk7DqUWvYsFfhQtn6qXSZSvqLSTNVgiTZR6fEN6GimBvQbhXvYGrlZ6hKKdR3gBayb1DjOBxgLvkHYZ55uBJn9L%2FGzhvEzCPUnAAVuFqm4mvJMX%2FJr9qIHwofUCVo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8ae602eec8857745-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Aug 2024 10:12:54 GMT

GET tyierrtt
away.taskscompletedlists.com/ 0
0

GET
H3 200 tyierrtt Show response
away.taskscompletedlists.com/ 207 B
651 B 125ms
91ms Document
text/html 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://away.taskscompletedlists.com/tyierrtt
Requested by: Host: gogo.recordsbluemountain.com
URL: https://gogo.recordsbluemountain.com/zbLzKF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c9b95f8ce7fc4ef51c5aa682cc179ad65bfaeaf438e8f2eae48e674d6e8630

Request headers

Referer: https://www.allhackernews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ae602f0ad9741da-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 05 Aug 2024 10:12:54 GMT
expires: Mon, 05 Aug 2024 10:12:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BS2Y9ZlNtS1zvspSwBBiVdxfY2PbYK7N%2BcIhXGM5BJIhI88rHeLL9lmCbOdlHWFQL3Ks1Z%2BCvfhZuyffHGZzf9O61AHEu8jzrFHXPDB8w35R6wkmwqwXT487AWziuzw4Z9ZL4fZALQ3sIZIHaGX65MY%2BgkSdt2RqqTTM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET

logo-300x84.png
www.allhackernews.com/wp-content/uploads/2018/02/
Redirect Chain

https://allhackernews.com/wp-content/uploads/2018/02/logo-300x84.png
https://www.allhackernews.com/wp-content/uploads/2018/02/logo-300x84.png

0
0

GET apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack-696x363.jpg
static-files.allhackernews.com/wp-content/uploads/ 0
0

GET vmware-esxi-flaw-exploited-by-ransomware-groups-for-admin-access-100x70.png
static-files.allhackernews.com/wp-content/uploads/ 0
0

GET the-power-and-peril-of-rmm-tools-100x70.png
static-files.allhackernews.com/wp-content/uploads/ 0
0

GET us-releases-high-profile-russian-hackers-in-diplomatic-prisoner-exchange-100x70.png
static-files.allhackernews.com/wp-content/uploads/ 0
0

GET chinese-hackers-target-japanese-firms-with-lodeinfo-and-noopdoor-malware-100x70.png
static-files.allhackernews.com/wp-content/uploads/ 0
0

GET meta-settles-for-14-billion-with-texas-over-illegal-biometric-data-collection-100x70.png
static-files.allhackernews.com/wp-content/uploads/ 0
0

GET cyber-espionage-group-xdspy-targets-companies-in-russia-and-moldova-100x70.png
static-files.allhackernews.com/wp-content/uploads/ 0
0

GET
H3 200 critical-flaw-in-rockwell-automation-devices-allows-unauthorized-access-100x70.png
static-files.allhackernews.com/wp-content/uploads/ 14 KB
14 KB 29ms
28ms Image
image/png 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-files.allhackernews.com/wp-content/uploads/critical-flaw-in-rockwell-automation-devices-allows-unauthorized-access-100x70.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:54 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1723
alt-svc: h3=":443"; ma=86400
content-length: 14261
last-modified: Mon, 05 Aug 2024 07:00:03 GMT
server: cloudflare
etag: "66b07873-37b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iV89OruYmFyKPmKXhAF3Uj73rJ4DMsZ0ZGJu2qXMrPvLxfqj0ACM7KNhy4PFrDadMh%2BRFzim%2BZG2riSTOoBqAkNoRrp1NhJpP%2FwJJKlIiDCQVFKhy%2BR2KNm14niDUqZzMnLo9FVdzLtGt6xCx2RG8g6uKb%2BnNj6%2FsHhFhJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8ae602f0c82f662d-AMS

GET new-android-trojan-blankbot-targets-turkish-users-financial-data-100x70.png
static-files.allhackernews.com/wp-content/uploads/ 0
0

GET
H3 200 china-linked-hackers-compromise-isp-to-deploy-malicious-software-updates-100x70.png
static-files.allhackernews.com/wp-content/uploads/ 7 KB
7 KB 30ms
30ms Image
image/png 2606:4700:3031::ac43:9723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-files.allhackernews.com/wp-content/uploads/china-linked-hackers-compromise-isp-to-deploy-malicious-software-updates-100x70.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.allhackernews.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:54 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1725
alt-svc: h3=":443"; ma=86400
content-length: 6768
last-modified: Mon, 05 Aug 2024 06:00:04 GMT
server: cloudflare
etag: "66b06a64-1a70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y8ww4CfJ0o3d872YiPGoinqxzykGXw30FubOWnp5OW2X1SV%2FphL%2BMyilkUnUByqFfsZR7%2F3t978V9bTWXJxJD96AQBCsciBVuhNVD1MdQmyOZAY3hst8SbfiFTH%2B0d%2FxMUqA583t37Dy2CrLsBiXrD1yIf2NRG1vjzpM3w4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8ae602f0c836662d-AMS

POST collect
www.google-analytics.com/g/ 0
0

GET
H3 200 7MjvR5
away.taskscompletedlists.com/ 242 B
649 B 97ms
97ms Document
text/html 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://away.taskscompletedlists.com/7MjvR5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ae602f16e4541da-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 05 Aug 2024 10:12:54 GMT
expires: Mon, 05 Aug 2024 10:12:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zahXU9jIlHhEbKOtGPhSCGkck1b5yKab8uM0VS7zxxuoIZuc6HeRUT0RzDh9%2FIv6BxnrJ8IfC9lqg7%2B0z%2Fx2kr0htlimV3rCG5%2BjjvJQFKD%2FknoXxo1hhGXEPM2wYusJkXY7Buo%2BxSkNzLWDGmGWe7ocKImV7GxktYGH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 404 favicon.ico
away.taskscompletedlists.com/ 548 B
577 B 23ms
23ms Other
text/html 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://away.taskscompletedlists.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 53
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AkvbQiH0vrykizhpZviODDF9roqLaZw1GqBf%2BFjD%2Foxy%2BjC%2BdQidNqmJvnnIns1CjGdxWyR%2Fd0vo8%2F1Q8BAkvGd5U5clcxUqYZU5XemfuVDRNRmNQxhW5SGAfb925NriemoKOQMQU7OQ5gPfaFTRndT%2BE15sI7DKDSyr"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 8ae602f16e4441da-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
bluelitetoday.com/ 18 KB
8 KB 91ms
40ms Document
text/html 2606:4700:3031::6815:231b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluelitetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=scars&sub3=jekitass5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:231b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc5baa9354506de05fac1103de784350344cf1f6f483c9236c297ed2f653df5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ae602f279879f63-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 05 Aug 2024 10:12:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8tjQo7LZrqNQc81GY7J6skkg%2B6OPuNPrGr921lah0pOCqNGQcMZ97bj%2B%2FJZ7icbdQiVkl%2F8CJVRJJwkxDsnia32g2WZIInoSeQDxlWbshGsfaY020PeJNKrZPJQZtGwMXFIZliGCZLD6iSheliAEg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 204 favicon.ico
bluelitetoday.com/ 0
423 B 26ms
25ms Other
text/plain 2606:4700:3031::6815:231b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluelitetoday.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:231b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bluelitetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=scars&sub3=jekitass5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2609
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z0Vugg%2FcHcFfv0HSAN7lv5tsIdjHxwqzy4GuE73xdWSDXUiSTK3d%2FRaZHSB73th7RbBFvuXHLepFUnhsVwvEzV94M2hhCTOT5SqzlktERq%2BjXp65J2gS2fonUwbYwCQ%2BSGoDjlkYWjCNmOleMBqW1A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8ae602f3cb629f63-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request / Show response
0.bluelitetoday.com/ 12 KB
7 KB 60ms
41ms Document
text/html 2606:4700:3031::6815:231b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0.bluelitetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=scars&sub3=jekitass5
Requested by: Host: www.allhackernews.com
URL: https://www.allhackernews.com/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:231b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38ac51616459197aea44adba5acc738c6fdf2182b7fd1d2523e7f33f645f1f01

Request headers

Referer: https://bluelitetoday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ae602fd88139f63-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 05 Aug 2024 10:12:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sAEy7mb%2B8WK5EQJvpBwJVB1%2B70A0tgW3Mj5sdnXgunSwpTJ8P41%2Bp0fSkBtqY9d2i4YRs%2FF4pWwL9YBxmucVHpzfMXL47T6B3PXd%2B36Yg4n3Co5vOD%2FUN7bFoVFYXYGqswU3Dzis87hdryEhuaYhlUPv"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
DATA 200
OK truncated
/ 748 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 378 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 favicon.ico
0.bluelitetoday.com/ 0
419 B 24ms
24ms Other
text/plain 2606:4700:3031::6815:231b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0.bluelitetoday.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:231b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0.bluelitetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=scars&sub3=jekitass5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:12:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5210
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E4ZJOjJjgioIqxc35r0jUufyIZcjDt16nGPWJphBTB6QcQIWC9Chzn%2BTZYb0T5CwjCOtkFzu9kzFKfGffni1a9FYgZ4dvIi1yffL%2FdkriE%2FJSjhDOb5Hv0DmJM9MGmiu%2BPcsYmDiRQk1eyYGEqcT0qzl"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8ae602fde8899f63-AMS
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static-files.allhackernews.com
URL: https://static-files.allhackernews.com/wp-content/themes/Newspaper/images/sprite/elements.png

Domain: static-files.allhackernews.com
URL: https://static-files.allhackernews.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?14

Domain: away.taskscompletedlists.com
URL: https://away.taskscompletedlists.com/tyierrtt

Domain: away.taskscompletedlists.com
URL: https://away.taskscompletedlists.com/tyierrtt

Domain: www.allhackernews.com
URL: https://www.allhackernews.com/wp-content/uploads/2018/02/logo-300x84.png

Domain: static-files.allhackernews.com
URL: https://static-files.allhackernews.com/wp-content/uploads/apt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack-696x363.jpg

Domain: static-files.allhackernews.com
URL: https://static-files.allhackernews.com/wp-content/uploads/vmware-esxi-flaw-exploited-by-ransomware-groups-for-admin-access-100x70.png

Domain: static-files.allhackernews.com
URL: https://static-files.allhackernews.com/wp-content/uploads/the-power-and-peril-of-rmm-tools-100x70.png

Domain: static-files.allhackernews.com
URL: https://static-files.allhackernews.com/wp-content/uploads/us-releases-high-profile-russian-hackers-in-diplomatic-prisoner-exchange-100x70.png

Domain: static-files.allhackernews.com
URL: https://static-files.allhackernews.com/wp-content/uploads/chinese-hackers-target-japanese-firms-with-lodeinfo-and-noopdoor-malware-100x70.png

Domain: static-files.allhackernews.com
URL: https://static-files.allhackernews.com/wp-content/uploads/meta-settles-for-14-billion-with-texas-over-illegal-biometric-data-collection-100x70.png

Domain: static-files.allhackernews.com
URL: https://static-files.allhackernews.com/wp-content/uploads/cyber-espionage-group-xdspy-targets-companies-in-russia-and-moldova-100x70.png

Domain: static-files.allhackernews.com
URL: https://static-files.allhackernews.com/wp-content/uploads/new-android-trojan-blankbot-targets-turkish-users-financial-data-100x70.png

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7SNQN1Q83C&gtm=45je3210&_p=1055881762&cid=1727687649.1722852775&ul=de-de&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1722852774&sct=1&seg=0&dl=https%3A%2F%2Fwww.allhackernews.com%2Fapt41-hackers-use-shadowpad-cobalt-strike-in-taiwanese-institute-cyber-attack%2F&dt=APT41%20Hackers%20Use%20ShadowPad%2C%20Cobalt%20Strike%20in%20Taiwanese%20Institute%20Cyber%20Attack%20%E2%80%93%20All%20Hacker%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| urlB64ToUint8Array

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.allhackernews.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: jhourq59j1tmatg3uj03tgh25i
.allhackernews.com/	1970-01-21 08:10:12	Name: _ga_7SNQN1Q83C Value: GS1.1.1722852774.1.0.1722852774.0.0.0
.allhackernews.com/	1970-01-21 08:10:12	Name: _ga Value: GA1.1.1727687649.1722852775
.bluelitetoday.com/	1970-01-20 23:17:24	Name: uuid Value: e21d9530-8a97-4ef7-b5a8-0b615dde8719
.0.bluelitetoday.com/	1970-01-20 23:17:24	Name: uuid Value: e21d9530-8a97-4ef7-b5a8-0b615dde8719

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://away.taskscompletedlists.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.bluelitetoday.com
away.taskscompletedlists.com
bluelitetoday.com
cdn.iflychat.com
cdn.rdntocdns.com
flow.recordsbluemountain.com
fonts.googleapis.com
fonts.gstatic.com
gogo.recordsbluemountain.com
static-files.allhackernews.com
www.allhackernews.com
www.google-analytics.com
away.taskscompletedlists.com
static-files.allhackernews.com
www.allhackernews.com
www.google-analytics.com
2600:9000:2057:400:e:f20a:1f00:93a1
2606:4700:3031::6815:231b
2606:4700:3031::6815:2975
2606:4700:3031::ac43:9723
2606:4700:3033::ac43:a717
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a06:98c1:3120::3
2a06:98c1:3121::3
03c3e8b021e9d60a996c86831500fa20109333881eb43edc64aa40ce4a1a7e0c
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
38ac51616459197aea44adba5acc738c6fdf2182b7fd1d2523e7f33f645f1f01
398472186bb1ae9e295e8f469e10d896567b2f88b01eadefba4425e067737b93
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c
493577fa7e2db4792e3c9f57bac2490c8b6197f802f3e4c9702d20e6032fee0e
49a03cffa9784b08b9d801dc162e3286580e5bf3bdc8c72635c8712162d52a67
4af9dac8fb9b63a0212749b1d6a4466fab62ba560c630c71b378c1fcde550797
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5c3cb71138ba89f1cf2419b37b83b35f896ec41631b116926520ae31541fd9bb
5c9ffea0ee03e55806cf0d8a4a4ec302ac3e9d2b41c1c4d8b979681a0c7b2b57
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
79b3a5533feba36a38c4bb143162129d67b9d0ab2a729d5c9c8c1b563153dc9e
8665d6674f470e9eab24d720e2887c5579a554f2241f340ad6bafae8b4c6f089
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9534368c7599ff634a276b46679aaef4d0e8eea9d18d259694e07b3b161c216c
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a0ea2fa35271c78084c0244430b865af459ba144154779a691b70fedb0a3f0e8
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
ac68ff3acee571333344cf315744789d546aebf8e05f46068f901d0934ddcc77
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
afda15de6bd67606a636bf4d909595afdff70e37085259ed41bffef59713b770
b2c9b95f8ce7fc4ef51c5aa682cc179ad65bfaeaf438e8f2eae48e674d6e8630
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bcc5baa9354506de05fac1103de784350344cf1f6f483c9236c297ed2f653df5
bf3fd5760176d67bfd5fbdefc9cfa17babd0df1dd0a5d4e3c21c5784ad75be9c
c640426ed18756f3f7916e9fff39e857812da9e9183d4195f5e4e072c63820f4
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d804ea56219fb201a483d39fb46878e9dd724b72230a8b977ab1f16f896c370c
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e852727c3bdfe06d3b2bb8155ad7f27b95b281fbb8d37eca3da1d39816b01c1f
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

0.bluelitetoday.com Open in urlscan Pro 2606:4700:3031::6815:231b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

73 %HTTPS

100 %IPv6

9 Domains

12 Subdomains

10 IPs

2 Countries

611 kBTransfer

2067 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

0.bluelitetoday.com Open in urlscan Pro
2606:4700:3031::6815:231b Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

73 %
HTTPS

100 %
IPv6

9
Domains

12
Subdomains

10
IPs

2
Countries

611 kB
Transfer

2067 kB
Size

5
Cookies

52 HTTP transactions
7 data transactions