www.itsecuritynews.info Open in urlscan Pro
2a01:238:20a:202:1079:: Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Submission: On August 21 via manual (August 21st 2024, 5:58:34 pm UTC) from US — Scanned from DE

Summary HTTP 84 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 84 HTTP transactions. The main IP is 2a01:238:20a:202:1079::, located in Germany and belongs to STRATO STRATO AG, DE. The main domain is www.itsecuritynews.info.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on July 7th 2024. Valid for: a year.

This is the only time www.itsecuritynews.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2a01:238:20a:... 2a01:238:20a:202:1079::	6724 (STRATO ST...) (STRATO STRATO AG)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1 14	2400:52e0:1e0... 2400:52e0:1e00::1080:1	60068 (CDN77 _) (CDN77 _)
5	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
10	44.237.18.104 44.237.18.104	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	104.19.149.92 104.19.149.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.0.13 157.240.0.13	32934 (FACEBOOK) (FACEBOOK)
1	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
84	17

30 2a01:238:20a:202:1079:: (Germany)

ASN6724 (STRATO STRATO AG, DE)

www.itsecuritynews.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sorinmustaca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2400:52e0:1e00::1080:1 (Germany) 1 redirects

ASN60068 (CDN77 _, GB)

load.sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 44.237.18.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-18-104.us-west-2.compute.amazonaws.com

sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients6.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.149.92 (None, )

ASN13335 (CLOUDFLARENET, US)

api.bufferapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-shv-02-fra3.facebook.com

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	itsecuritynews.info www.itsecuritynews.info	344 KB
24	sumome.com 1 redirects load.sumome.com — Cisco Umbrella Rank: 36828 sumome.com — Cisco Umbrella Rank: 32288	682 KB
9	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662 clients6.google.com — Cisco Umbrella Rank: 220	198 KB
3	gstatic.com fonts.gstatic.com	196 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	193 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	250 KB
2	facebook.com graph.facebook.com — Cisco Umbrella Rank: 118 api.facebook.com — Cisco Umbrella Rank: 738	786 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
2	wp.com stats.wp.com — Cisco Umbrella Rank: 4519 pixel.wp.com — Cisco Umbrella Rank: 4225	3 KB
1	pinterest.com widgets.pinterest.com — Cisco Umbrella Rank: 35279	367 B
1	bufferapp.com api.bufferapp.com — Cisco Umbrella Rank: 133065	370 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 129	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	6 KB
1	sorinmustaca.com sorinmustaca.com	1 KB
0	reddit.com Failed www.reddit.com Failed
84	15

	Domain	Requested by
29	www.itsecuritynews.info	www.itsecuritynews.info
14	load.sumome.com	1 redirects www.itsecuritynews.info load.sumome.com
10	sumome.com	load.sumome.com
8	fundingchoicesmessages.google.com	www.itsecuritynews.info pagead2.googlesyndication.com
3	fonts.gstatic.com	www.itsecuritynews.info fonts.googleapis.com
3	pagead2.googlesyndication.com	www.itsecuritynews.info pagead2.googlesyndication.com www.googletagmanager.com
3	www.googletagmanager.com	www.itsecuritynews.info www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
1	widgets.pinterest.com	load.sumome.com
1	api.facebook.com	load.sumome.com
1	graph.facebook.com	load.sumome.com
1	api.bufferapp.com	load.sumome.com
1	clients6.google.com	load.sumome.com
1	lh3.googleusercontent.com	www.itsecuritynews.info
1	fonts.googleapis.com
1	pixel.wp.com	www.itsecuritynews.info
1	stats.wp.com	www.itsecuritynews.info
1	sorinmustaca.com	www.itsecuritynews.info
0	www.reddit.com Failed
84	19

This site contains links to these domains. Also see Links.

Domain
www.twitter.com
www.facebook.com
t.me
www.linkedin.com
www.itsecuritynews.org
themes.bavotasan.com

Subject Issuer	Validity	Valid
www.itsecuritynews.info Encryption Everywhere DV TLS CA - G2	`2024-07-07` - `2025-07-29`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.sorinmustaca.com Encryption Everywhere DV TLS CA - G2	`2024-07-06` - `2025-07-26`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
load.sumome.com R10	`2024-07-30` - `2024-10-28`	3 months	crt.sh
*.sumome.com Amazon RSA 2048 M03	`2024-01-18` - `2025-02-15`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
api.bufferapp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-06` - `2025-09-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Frame ID: 7E626D0B593E75EFB5FB6DD3240E97C4
Requests: 84 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Previously unseen Msupedge backdoor targeted a university in Taiwan

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

SumoMe (Widgets) Expand

Overall confidence: 100%
Detected patterns

load\.sumome\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

84
Requests

95 %
HTTPS

56 %
IPv6

15
Domains

19
Subdomains

17
IPs

3
Countries

1881 kB
Transfer

6824 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.twitter.com/it_SecurityNews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ITSecNewsInfo

Search URL Search Domain Scan URL

URL: https://t.me/it_security_news_info

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/it-security-news

Search URL Search Domain Scan URL

URL: https://www.itsecuritynews.org/
Title: IT Security News Intl. (EN, DE)

Search URL Search Domain Scan URL

URL: https://themes.bavotasan.com/
Title: bavotasan.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://load.sumome.com/ HTTP 301
https://load.sumome.com/sumome.js

Request Chain 74

https://reddit.com/button_info.json?url=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan%2F&jsonp=jQuery1110003271424877563889_1724263108610&_=1724263108611 HTTP 301
https://www.reddit.com/button_info.json?url=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan%2F&jsonp=jQuery1110003271424877563889_1724263108610&_=1724263108611

84 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/ 140 KB
34 KB 632ms
458ms Document
text/html 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) / PHP/8.1.29
Resource Hash: 8706d36d880dd99a1cd4b9a2f9e63ebebec3349b9fd0e25fb4b4981cb305b052

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Aug 2024 17:58:27 GMT
link: <https://www.itsecuritynews.info/wp-json/>; rel="https://api.w.org/" <https://www.itsecuritynews.info/wp-json/wp/v2/posts/1329900>; rel="alternate"; title="JSON"; type="application/json" <https://wp.me/p7hb5p-5zY0>; rel=shortlink
server: Apache/2.4.62 (Unix)
vary: accept,content-type,User-Agent,Accept-Encoding
x-powered-by: PHP/8.1.29

GET
H2 200 style.min.css
www.itsecuritynews.info/wp-includes/css/dist/block-library/ 110 KB
15 KB 74ms
70ms Stylesheet
text/css 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Tue, 23 Jul 2024 16:25:45 GMT
server: Apache/2.4.62 (Unix)
etag: "1b723-61dec9d1954a5"
vary: User-Agent,Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 14835

GET
H2 200 mediaelementplayer-legacy.min.css
www.itsecuritynews.info/wp-includes/js/mediaelement/ 11 KB
3 KB 63ms
60ms Stylesheet
text/css 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 14:09:53 GMT
server: Apache/2.4.62 (Unix)
etag: "2bf8-5bf8ab7c5e14b"
vary: User-Agent,Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2592

GET
H2 200 wp-mediaelement.min.css
www.itsecuritynews.info/wp-includes/js/mediaelement/ 4 KB
1 KB 61ms
58ms Stylesheet
text/css 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.6.1
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 14:09:53 GMT
server: Apache/2.4.62 (Unix)
etag: "105a-5bf8ab7c61792"
vary: User-Agent,Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1156

GET
H2 200 jquery.smartbanner.min.css
www.itsecuritynews.info/wp-content/plugins/appbanners.old/lib/smartbanner/ 4 KB
1 KB 66ms
63ms Stylesheet
text/css 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/plugins/appbanners.old/lib/smartbanner/jquery.smartbanner.min.css?ver=6.6.1
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 243fac45c341f7dd99dc4482268b90f65842fe52d7970bf1f6f5523a3067f045

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 15:16:08 GMT
server: Apache/2.4.62 (Unix)
etag: "ee1-5bf8ba4be3d55"
vary: User-Agent,Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1242

GET
H2 200 google_fonts.css
www.itsecuritynews.info/wp-content/uploads/omgf/google_fonts/ 2 KB
530 B 62ms
60ms Stylesheet
text/css 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/uploads/omgf/google_fonts/google_fonts.css?ver=1660230400
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 7c21256b7b0a7cefb3592ecf6473df263e0e5dfcefcfc72bc5864e22589916ea

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Tue, 26 Sep 2023 09:32:10 GMT
server: Apache/2.4.62 (Unix)
etag: "9b4-6063fbfc14d22"
vary: User-Agent,Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 457

GET
H2 200 style.css
www.itsecuritynews.info/wp-content/themes/magazine-basic/ 37 KB
9 KB 63ms
61ms Stylesheet
text/css 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/themes/magazine-basic/style.css?ver=6.6.1
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 32c19b2053974b453ac50303393f01947100385c292a9d5e842f819577e7a7e1

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Tue, 26 Sep 2023 09:32:02 GMT
server: Apache/2.4.62 (Unix)
etag: "9402-6063fbf4d8c15"
vary: User-Agent,Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 8826

GET
H2 200 font-awesome.css
www.itsecuritynews.info/wp-content/themes/magazine-basic/library/css/ 37 KB
7 KB 63ms
61ms Stylesheet
text/css 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/themes/magazine-basic/library/css/font-awesome.css?ver=4.7.0
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Tue, 26 Sep 2023 09:32:02 GMT
server: Apache/2.4.62 (Unix)
etag: "9226-6063fbf4f7c49"
vary: User-Agent,Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 7439

GET
H2 200 jetpack.css
www.itsecuritynews.info/wp-content/plugins/jetpack/css/ 106 KB
19 KB 109ms
107ms Stylesheet
text/css 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/plugins/jetpack/css/jetpack.css?ver=13.7
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 448c2c8f586e597e18732391de3038defacd4fc0e67f1ff0378d0a62e2949f7a

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Wed, 07 Aug 2024 04:24:43 GMT
server: Apache/2.4.62 (Unix)
etag: "1a9a8-61f104a158851"
vary: User-Agent,Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 19547

GET
H2 200 related-posts.min.js Show response
www.itsecuritynews.info/wp-content/plugins/jetpack/_inc/build/related-posts/ 6 KB
2 KB 62ms
60ms Script
text/javascript 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20240116
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: a68827190bc01a61ee0a62ec59efa74497a6bc5aa8586f1fac50a58d0cf42d88

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Wed, 07 Aug 2024 04:24:44 GMT
server: Apache/2.4.62 (Unix)
etag: "1661-61f104a2c57ed"
vary: User-Agent,Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1923

GET
H2 200 jquery.min.js Show response
www.itsecuritynews.info/wp-includes/js/jquery/ 86 KB
30 KB 113ms
112ms Script
text/javascript 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 15:26:20 GMT
server: Apache/2.4.62 (Unix)
etag: "15601-609a5b58962e6"
vary: User-Agent,Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 30368

GET
H2 200 jquery-migrate.min.js Show response
www.itsecuritynews.info/wp-includes/js/jquery/ 13 KB
5 KB 114ms
112ms Script
text/javascript 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 04:25:04 GMT
server: Apache/2.4.62 (Unix)
etag: "3509-60275dd2103f3"
vary: User-Agent,Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 4872

GET
H2 200 frontend.js Show response
www.itsecuritynews.info/wp-content/plugins/stop-user-enumeration/frontend/js/ 486 B
339 B 125ms
123ms Script
text/javascript 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.6.1
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2024 04:24:40 GMT
server: Apache/2.4.62 (Unix)
etag: "1e6-61d69d73b0b92"
vary: User-Agent,Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 266

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
102 KB 281ms
39ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7N4Z84JJY

Requested by

Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d250367bfab451a71f4c165834597196bbc37631233d755364a1d990b9af336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103879
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Aug 2024 17:58:28 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
51 KB 279ms
52ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5751281961085733&host=ca-host-pub-2644536267352236

Requested by

Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7856761653ebf44869cf299328794f28de3713f732e580e0b628e50a0ed39938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
Origin: https://www.itsecuritynews.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52466
x-xss-protection: 0
server: cafe
etag: 4234074719385520534
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 21 Aug 2024 17:58:28 GMT

GET
H2 200 pub-5751281961085733 Show response
fundingchoicesmessages.google.com/i/ 202 KB
66 KB 305ms
63ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-5751281961085733?ers=1

Requested by

Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03d1e3014a0a79d4f9fc9fddc91688deef96a0b0ee2f16b97d6b0dc36dd64032

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VIb-VxbVEvx8qT2zLCxEzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-VIb-VxbVEvx8qT2zLCxEzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0pBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYiT_p1nLQJid62LrP5AvCTiIuuhxIushgqXWB2B-P66S6zPgXjvx0usR4FYiIfjyNUZ29gEPjTt3cyopJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJgYWipZ2ASX2AAAA70Q60"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 twitter.png
sorinmustaca.com/wp-content/uploads/2014/02/ 1 KB
1 KB 303ms
60ms Image
image/png 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sorinmustaca.com/wp-content/uploads/2014/02/twitter.png
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 1ea2ad59c34bbe820d9057d67c6bef66641647d12420dc09c9c37432536cfb59

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
last-modified: Fri, 07 Feb 2014 18:59:33 GMT
server: Apache/2.4.62 (Unix)
vary: User-Agent
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 1162
expires: Wed, 18 Sep 2024 17:58:28 GMT

GET
H2 200 fb-logo.png
www.itsecuritynews.info/wp-content/uploads/2024/04/ 49 KB
49 KB 57ms
57ms Image
image/png 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itsecuritynews.info/wp-content/uploads/2024/04/fb-logo.png
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 7141c8d0e5f85df97290c3ebbc61021bfa7a7453b9e8dd0294598541eb392b57

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
last-modified: Mon, 15 Apr 2024 13:45:05 GMT
server: Apache/2.4.62 (Unix)
etag: "c442-61622d433e613"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 50242

GET
H2 200 telegram-logo.png
www.itsecuritynews.info/wp-content/uploads/2024/04/ 12 KB
13 KB 63ms
62ms Image
image/png 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itsecuritynews.info/wp-content/uploads/2024/04/telegram-logo.png
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 13b1651007e9efab9e479b1a61ee0bb405425813e2fb6a131065c1133be9f620

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
last-modified: Mon, 15 Apr 2024 13:41:54 GMT
server: Apache/2.4.62 (Unix)
etag: "31e6-61622c8d43359"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 12774

GET
H2 200 linkedin-logo.png
www.itsecuritynews.info/wp-content/uploads/2024/04/ 1 KB
1 KB 62ms
61ms Image
image/png 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itsecuritynews.info/wp-content/uploads/2024/04/linkedin-logo.png
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 9763afd6a6519e38f624d3d326eb5bfd45f51c220db97c320ee58b05f7782bfa

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
last-modified: Mon, 15 Apr 2024 13:21:51 GMT
server: Apache/2.4.62 (Unix)
etag: "42d-61622812399e9"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 1069

GET
H2 200 jquery.smartbanner.min.js Show response
www.itsecuritynews.info/wp-content/plugins/appbanners.old/lib/smartbanner/ 8 KB
3 KB 114ms
113ms Script
text/javascript 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/plugins/appbanners.old/lib/smartbanner/jquery.smartbanner.min.js?ver=6.6.1
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: f8d1a516a91e8ec8ee0d1e85f26af0386c2e8eb19531aef7f56bd2ed0b7afbbd

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 15:16:08 GMT
server: Apache/2.4.62 (Unix)
etag: "20f9-5bf8ba4be701b"
vary: User-Agent,Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 2861

GET
H2 200 config.min.js Show response
www.itsecuritynews.info/wp-content/plugins/appbanners.old/js/ 179 B
180 B 114ms
113ms Script
text/javascript 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/plugins/appbanners.old/js/config.min.js?ver=6.6.1
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: e3fb219c43ead124bf3a8fda1c4e577fd02821ecaae82b96144360dfca98c156

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 15:16:08 GMT
server: Apache/2.4.62 (Unix)
etag: "b3-5bf8ba4bdef17"
vary: User-Agent,Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 131

GET
H2 200 comment-reply.min.js Show response
www.itsecuritynews.info/wp-includes/js/ 3 KB
1 KB 58ms
58ms Script
text/javascript 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-includes/js/comment-reply.min.js?ver=6.6.1
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 04:25:04 GMT
server: Apache/2.4.62 (Unix)
etag: "ba5-5dfce7518f96b"
vary: User-Agent,Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1351

GET
H2 200 theme.js Show response
www.itsecuritynews.info/wp-content/themes/magazine-basic/library/js/ 1 KB
683 B 59ms
54ms Script
text/javascript 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/themes/magazine-basic/library/js/theme.js?ver=6.6.1
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: e1e2c6d21331d53eee41af373c0a862a63f3a2089d9ae07fd36daab4f2b86ea8

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Tue, 26 Sep 2023 09:32:02 GMT
server: Apache/2.4.62 (Unix)
etag: "543-6063fbf4e340a"
vary: User-Agent,Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 633

GET
H2 200 googlesitekit-consent-mode-3d6495dceaebc28bcca3.js Show response
www.itsecuritynews.info/wp-content/plugins/google-site-kit/dist/assets/js/ 73 KB
25 KB 72ms
70ms Script
text/javascript 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/plugins/google-site-kit/dist/assets/js/googlesitekit-consent-mode-3d6495dceaebc28bcca3.js
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 82fbcdbe0b2bdc9a7619c5a99684e09abeb12a11c7dcc5e6e3ed2227ee4461b0

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:27 GMT
content-encoding: gzip
last-modified: Tue, 13 Aug 2024 04:24:39 GMT
server: Apache/2.4.62 (Unix)
etag: "123f7-61f88fcf2054e"
vary: User-Agent,Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 25597

GET
H2 200 e-202434.js Show response
stats.wp.com/ 7 KB
3 KB 273ms
28ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202434.js
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166114261.106
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Sat, 16 Aug 2025 19:30:52 GMT

GET
H2 200 wp-consent-api.min.js Show response
www.itsecuritynews.info/wp-content/plugins/wp-consent-api/assets/js/ 2 KB
748 B 73ms
72ms Script
text/javascript 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/plugins/wp-consent-api/assets/js/wp-consent-api.min.js?ver=1.0.7
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: edb6c7358824cfc0cb6ebb6cc13224599ef3a4cb5ee44cc06367517c7b101e87

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: gzip
last-modified: Mon, 08 Apr 2024 16:09:52 GMT
server: Apache/2.4.62 (Unix)
etag: "702-61598091e844f"
vary: User-Agent,Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 675

GET
BLOB 200
OK cee0631c-975a-44d8-aca0-c297797fa36a
https://www.itsecuritynews.info/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.itsecuritynews.info/cee0631c-975a-44d8-aca0-c297797fa36a
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 pub-5751281961085733 Show response
fundingchoicesmessages.google.com/b/ 11 KB
6 KB 270ms
30ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-5751281961085733

Requested by

Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a8981de6c6152a3b609d2f79eb3558ec33af828b09a870ee01e37a5c81fc30c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GXMLeK5Me7tJ0YABr--T8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-GXMLeK5Me7tJ0YABr--T8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYH4_rpLrM-BeO_HS6xHgViIh-PI1Rnb2AR2_NuzmFFJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDC0FLPwCS-wAAAFlY-yA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
65 KB 297ms
56ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5PJNN9

Requested by

Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3aa1e897e561c66d536427b4b9e52d8137e9b8f9830ecc562eae5e84bf39181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66668
x-xss-protection: 0
last-modified: Wed, 21 Aug 2024 17:19:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Aug 2024 17:58:28 GMT

GET
H2 200 bg-hatch.gif
www.itsecuritynews.info/wp-content/themes/magazine-basic/library/images/ 86 B
142 B 74ms
72ms Image
image/gif 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itsecuritynews.info/wp-content/themes/magazine-basic/library/images/bg-hatch.gif
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/wp-content/themes/magazine-basic/style.css?ver=6.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 9f758e46392ab6531b32122d0f433db420fd4f7aa44362a123b39665fce0255d

Request headers

Referer: https://www.itsecuritynews.info/wp-content/themes/magazine-basic/style.css?ver=6.6.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
last-modified: Tue, 26 Sep 2023 09:32:02 GMT
server: Apache/2.4.62 (Unix)
etag: "56-6063fbf4edc64"
vary: User-Agent
content-type: image/gif
accept-ranges: bytes
content-length: 86

GET
H2 200 cantata-one-normal-latin-400.woff2
www.itsecuritynews.info/wp-content/uploads/omgf/google_fonts/ 18 KB
18 KB 58ms
57ms Font
font/woff2 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/uploads/omgf/google_fonts/cantata-one-normal-latin-400.woff2
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/wp-content/uploads/omgf/google_fonts/google_fonts.css?ver=1660230400
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 177c63f8ed110cccfe81ea2fa9e0ced72e159b7d7a514bccb58c33e7e08769c5

Request headers

Referer: https://www.itsecuritynews.info/wp-content/uploads/omgf/google_fonts/google_fonts.css?ver=1660230400
Origin: https://www.itsecuritynews.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: gzip
last-modified: Tue, 26 Sep 2023 09:32:10 GMT
server: Apache/2.4.62 (Unix)
etag: "4890-6063fbfc168a2"
vary: User-Agent,Accept-Encoding
content-type: font/woff2
accept-ranges: bytes
content-length: 18599

GET
H2 200 lato-normal-latin-300.woff2
www.itsecuritynews.info/wp-content/uploads/omgf/google_fonts/ 23 KB
23 KB 55ms
55ms Font
font/woff2 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/uploads/omgf/google_fonts/lato-normal-latin-300.woff2
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/wp-content/uploads/omgf/google_fonts/google_fonts.css?ver=1660230400
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Request headers

Referer: https://www.itsecuritynews.info/wp-content/uploads/omgf/google_fonts/google_fonts.css?ver=1660230400
Origin: https://www.itsecuritynews.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: gzip
last-modified: Tue, 26 Sep 2023 09:32:10 GMT
server: Apache/2.4.62 (Unix)
etag: "5ac4-6063fbfc1609a"
vary: User-Agent,Accept-Encoding
content-type: font/woff2
accept-ranges: bytes
content-length: 23019

GET
H2 200 fontawesome-webfont.woff2
www.itsecuritynews.info/wp-content/themes/magazine-basic/library/fonts/ 75 KB
75 KB 58ms
58ms Font
font/woff2 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/themes/magazine-basic/library/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/wp-content/themes/magazine-basic/library/css/font-awesome.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.itsecuritynews.info/wp-content/themes/magazine-basic/library/css/font-awesome.css?ver=4.7.0
Origin: https://www.itsecuritynews.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: gzip
last-modified: Tue, 26 Sep 2023 09:32:02 GMT
server: Apache/2.4.62 (Unix)
etag: "12d68-6063fbf4f16c9"
vary: User-Agent,Accept-Encoding
content-type: font/woff2
accept-ranges: bytes

GET
H2

200

sumome.js Show response
load.sumome.com/
Redirect Chain

https://load.sumome.com/
https://load.sumome.com/sumome.js

2 KB
2 KB

15ms
9ms

Script
application/javascript

2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/sumome.js
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 97ac9767d44365a2b17cb263a8698bacdaa7a267bc2bb98245a90033ba7aa482

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-amz-request-id: S72J9HYMDE0K69GG
cdn-cachedat: 08/08/2024 22:05:24
cdn-pullzone: 1686293
x-amz-id-2: 9Txu793Jzv3KVt2wonRbL7smYJwhBLr2rTlWtbqM8HY98/UmYQkYP8Q6ciJi7WOO0pGZO7xBboE=
last-modified: Thu, 08 Aug 2024 21:59:09 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"1a2a90e3f8c860c9160327c298058541"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=600
cdn-requestid: 0091eca18e9be61125c33863c447c251
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Wed, 21 Aug 2024 17:58:28 GMT
server: BunnyCDN-DE1-1080
content-type: text/html
location: https://load.sumome.com/sumome.js
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: no-cache
cdn-pullzone: 1686293
cdn-requestid: 36240e4f4661196d99304b23547559ec
cdn-requestcountrycode: DE
content-length: 162

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 37ms
12ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=107528547&post=1329900&tz=1&srv=www.itsecuritynews.info&j=1%3A13.7&host=www.itsecuritynews.info&ref=&fcp=1233&rand=0.7555322457047997
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 17:58:28 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 wp-emoji-release.min.js Show response
www.itsecuritynews.info/wp-includes/js/ 18 KB
5 KB 60ms
51ms Script
text/javascript 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: gzip
last-modified: Wed, 03 Apr 2024 09:25:27 GMT
server: Apache/2.4.62 (Unix)
etag: "4926-6152dcd9d0253"
vary: User-Agent,Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 5062

GET
H2 200 / Show response
www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/ 3 KB
1 KB 368ms
358ms XHR
application/json 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/?relatedposts=1

Requested by

Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20240116

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

Software

Apache/2.4.62 (Unix) / PHP/8.1.29

Resource Hash

c15a9b4fd821f17a65ff15a8510a297f5ea12f7b645e16e34433a9da210d41ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
x-requested-with: XMLHttpRequest

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.62 (Unix)
x-powered-by: PHP/8.1.29
vary: accept,content-type,User-Agent,Accept-Encoding
content-type: application/json; charset=utf-8

GET
H3 204 AGSKWxUIeVlsyijEFvK8Q4N7dNgKMm-z-WD_6kGHFpm4MYwXQqgSXKuP_HVkR8qo5IAuV_u4Z6BFTft3nVfswXdwcb8WWA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 35ms
19ms XHR
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUIeVlsyijEFvK8Q4N7dNgKMm-z-WD_6kGHFpm4MYwXQqgSXKuP_HVkR8qo5IAuV_u4Z6BFTft3nVfswXdwcb8WWA==

Requested by

Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ms7sjh2Fxpqb-dKhnVlrOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-ms7sjh2Fxpqb-dKhnVlrOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiOXJ2xjU1gxfYNhxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhZGBnoF5fIEBAF4xLio"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.itsecuritynews.info
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 AGSKWxVBsY0b_Er1JxscMxDMhBpLo9kx5z1OZpk9838Jep4wJHxnFlUB4xQ_y9TdgOFZTEPSx9uVEqukwBbBI6-ny66B3g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 36ms
21ms XHR
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVBsY0b_Er1JxscMxDMhBpLo9kx5z1OZpk9838Jep4wJHxnFlUB4xQ_y9TdgOFZTEPSx9uVEqukwBbBI6-ny66B3g==

Requested by

Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CTWo9VNDtSwESgcofo2kcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-CTWo9VNDtSwESgcofo2kcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiOXJ2xjU3gxoUzhxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhZGBnoF5fIEBAH-vLpg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.itsecuritynews.info
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408140101/ 423 KB
142 KB 59ms
43ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5751281961085733&plah=www.itsecuritynews.info&bust=31086219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5751281961085733&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

4c0d062499925774ccdfb7385416a5c46ec5ce32b76e7b6f717f6412ae6945db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145396
x-xss-protection: 0
server: cafe
etag: 1929723874806607151
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Aug 2024 17:58:28 GMT

GET
H2 200 1.128b7099bb49bb3a35d0.js Show response
load.sumome.com/ 465 KB
152 KB 23ms
22ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/1.128b7099bb49bb3a35d0.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: f3b2304f341757a530b562cb7b472cfc94dd50fa234dcb2658780604a1b3e356

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-request-id: SF076R04D2A7QFX1
cdn-cachedat: 08/08/2024 21:59:59
cdn-pullzone: 1686293
x-amz-id-2: kBR7nirmmnuMnDNfKYAGHSjLHo6NTeDWi8qFBihU0amslFoVr4AorP/06usfL6I00usXyHMUjQQ=
last-modified: Thu, 08 Aug 2024 21:59:07 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"96e0f90f56835b679bb0ad755f832d5c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: b697da10e0b3a9f9993730fec9cf8a3a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 20.128b7099bb49bb3a35d0.js Show response
load.sumome.com/ 44 KB
19 KB 14ms
14ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/20.128b7099bb49bb3a35d0.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 2623f1723abdfd03c0ca4b6a4bc615bb462ea4d0583c68a6e448f0d392a9b924

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-request-id: SF0449RSJ9H4PCVT
cdn-cachedat: 08/08/2024 21:59:59
cdn-pullzone: 1686293
x-amz-id-2: eDccbpJOQ2ehSnz/n3X9vO3oP1abrubtwfaiinb6cB0cRTANPT8Md0boqnYb+qdogGHOcSBlPF8=
last-modified: Thu, 08 Aug 2024 21:59:07 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"49f536ae4c7d8caf4982dea5435f6a91"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: e65e777fd94479f98ca69e691ce2cdd0
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 AGSKWxX4eWFPKs43dYp_8_exL-lXGTui7Pg_5PcEnpHA4x_avwFnuQ-M5wbLnvsfUZmXqTfnoMLcfLSuwA0d7ZtxgmTj3njXojJGolutTdfp7uFvKlnJzlwW8e9pZAc6gy350o_VPEuD-w== Show response
fundingchoicesmessages.google.com/f/ 389 KB
60 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX4eWFPKs43dYp_8_exL-lXGTui7Pg_5PcEnpHA4x_avwFnuQ-M5wbLnvsfUZmXqTfnoMLcfLSuwA0d7ZtxgmTj3njXojJGolutTdfp7uFvKlnJzlwW8e9pZAc6gy350o_VPEuD-w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI0MjYzMTA4LDUxODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaXRzZWN1cml0eW5ld3MuaW5mby9wcmV2aW91c2x5LXVuc2Vlbi1tc3VwZWRnZS1iYWNrZG9vci10YXJnZXRlZC1hLXVuaXZlcnNpdHktaW4tdGFpd2FuLyIsbnVsbCxbWzgsIm5FZjhNckk4cXhRIl0sWzksImRlIl0sWzIyLCJmYWxzZSJdLFsxOSwiMSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.nEf8MrI8qxQ.es5.O/am=rGA/d=1/rs=AJlcJMxlcMeH7Op4ax8uXMiRTqSGWnTYrA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

134ac96d76a4f225d05140f23f88f070fe81fab36eab4cc2b7155ead0e0fceb5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K33yODornvIOgOLhdNmfdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-K33yODornvIOgOLhdNmfdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw0ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYH4_rpLrM-BeO_HS6xHgViIh-PI1Rnb2AQWXPs8mUlJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDC0FLPwCS-wAAADlw-qg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
82 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-255115677&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q7N4Z84JJY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dff8d345d9d13a3d169ea3bba4dfc47187c8a24d5a226e597ed489a14968b197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84356
x-xss-protection: 0
last-modified: Wed, 21 Aug 2024 17:19:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Aug 2024 17:58:28 GMT

POST
H2 200 / Show response
sumome.com/api/load/ 878 B
1 KB 173ms
171ms Fetch
application/json 44.237.18.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/load/

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/20.128b7099bb49bb3a35d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.237.18.104 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-18-104.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

15673ab5fd5e54710da7305c6a1bbd36c72e115cf01f112412f86a1bd279b389

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Aug 2024 17:58:29 GMT
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
server: nginx/1.21.5
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itsecuritynews.info
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 878

GET
H3 200 ca-pub-5751281961085733 Show response
fundingchoicesmessages.google.com/i/ 202 KB
66 KB 39ms
38ms Script
application/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5751281961085733?href=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5751281961085733&plah=www.itsecuritynews.info&bust=31086219

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

5fde115b862f5d3c716bcf7336c96ee528b89737270be6ede81c845996215878

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-hKtiy1pPVd4XWJF44hUknA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-hKtiy1pPVd4XWJF44hUknA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YH4_rpLrM-BeO_HS6xHgViIh-PI1Rnb2AQa1n_awKSkkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBhaKlnYBJfYAAAAtE-dQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 134ms
38ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.nEf8MrI8qxQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMw2PZhiRf2mY3xRgmphg64b9fFm1A/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21274801bf1d0bf4ac0aa5babe4fa83a733d332a55b2665b168d073486170ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Aug 2024 17:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Aug 2024 17:58:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Aug 2024 17:58:28 GMT

GET
H2 200 Pkijp2qLk1oYfaOZVo7yRkwBnvy_tf73KcMrzz31T8fEECjA30wZ8rvduROFMvgoq80iVbHLdkE_ONqq2BcARDa2ri4CJc3vQ2iUWluLGbiyZzrMSkWx=h60
lh3.googleusercontent.com/ 6 KB
6 KB 104ms
16ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Pkijp2qLk1oYfaOZVo7yRkwBnvy_tf73KcMrzz31T8fEECjA30wZ8rvduROFMvgoq80iVbHLdkE_ONqq2BcARDa2ri4CJc3vQ2iUWluLGbiyZzrMSkWx=h60

Requested by

Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a440e5e184d52445e8170035727d8d11d82cd6df3fc3048f18499c8acf3b8df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:54:00 GMT
x-content-type-options: nosniff
age: 268
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6337
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 22 Aug 2024 17:54:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 77ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
Origin: https://www.itsecuritynews.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:03:23 GMT
x-content-type-options: nosniff
age: 100505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:03:23 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 96ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.itsecuritynews.info
URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
Origin: https://www.itsecuritynews.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:07:28 GMT
x-content-type-options: nosniff
age: 100260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:07:28 GMT

POST
H3 204 AGSKWxU6eNfDXybezQhApSOWmWw-LIoydCoNb90lniP2JDZxmBQ5lZldyya0Qwe8_4ZzdNBqAXERR22rsWnt6-ETgTFmPwS9x1Mf9uR5WWfOXbxFG-4G6ERvfFFLqzKyHnJMaDNE9koojQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 23ms
22ms XHR
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6eNfDXybezQhApSOWmWw-LIoydCoNb90lniP2JDZxmBQ5lZldyya0Qwe8_4ZzdNBqAXERR22rsWnt6-ETgTFmPwS9x1Mf9uR5WWfOXbxFG-4G6ERvfFFLqzKyHnJMaDNE9koojQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3XaPzjJOqhPRNAiWL3sREA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-3XaPzjJOqhPRNAiWL3sREA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiOXJ2xjU3gxu3TZ5iUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhZGBnoF5fIEBAILbLqc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.itsecuritynews.info
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6eNfDXybezQhApSOWmWw-LIoydCoNb90lniP2JDZxmBQ5lZldyya0Qwe8_4ZzdNBqAXERR22rsWnt6-ETgTFmPwS9x1Mf9uR5WWfOXbxFG-4G6ERvfFFLqzKyHnJMaDNE9koojQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TlrMi9bSDNnEiFJ_AJAybA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-TlrMi9bSDNnEiFJ_AJAybA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiOXJ2xjU2g49W-s0xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwshAz8A8vsAAAHAULmI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.itsecuritynews.info
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
sumome.com/api/load/ 0
0 514ms
164ms Preflight 44.237.18.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/api/load/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.18.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-18-104.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.itsecuritynews.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.itsecuritynews.info
access-control-max-age: 2592000
date: Wed, 21 Aug 2024 17:58:29 GMT
server: nginx/1.21.5

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.itsecuritynews.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:12:11 GMT
x-content-type-options: nosniff
age: 99977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:12:11 GMT

GET
H2 200 cropped-itsecuritynews-32x32.png
www.itsecuritynews.info/wp-content/uploads/2020/10/ 1 KB
1 KB 56ms
56ms Other
image/png 2a01:238:20a:202:1079::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itsecuritynews.info/wp-content/uploads/2020/10/cropped-itsecuritynews-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1079:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.62 (Unix) /
Resource Hash: af0999507a6b9e683f1fec6f6c55c1d54745ffdf6ed2767e3ac1827f65678b15

Request headers

Referer: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:28 GMT
last-modified: Tue, 10 Oct 2023 08:44:19 GMT
server: Apache/2.4.62 (Unix)
etag: "589-60758b67251d7"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 1417

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 27ms
26ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5l1&tag_exp=0&rnd=2141283975.1724263109&url=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan%2F&dma_cps=-&dma=1&npa=1&tcfd=1000h&gtm=45be48j0za200zb872226670&did=dZTNiMT&gdid=dZTNiMT&frm=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-255115677&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 17:58:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 43ms
15ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q7N4Z84JJY&gtm=45je48j0v872226670za200&_p=1724263108084&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tcfd=1000h&tag_exp=0&gdid=dZTNiMT&cid=1707559405.1724263109&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1724263108&sct=1&seg=0&dl=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan%2F&dt=Previously%20unseen%20Msupedge%20backdoor%20targeted%20a%20university%20in%20Taiwan&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2252
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q7N4Z84JJY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 17:58:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.itsecuritynews.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f58ef317a437883e2baa7e98d73af912859b7cc7c10ecd79e97aa0ea974ba896

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 services Show response
sumome.com/ 46 KB
5 KB 196ms
195ms Fetch
application/json 44.237.18.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/services

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/20.128b7099bb49bb3a35d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.237.18.104 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-18-104.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

ad8edffa909894ebca0324a896b68175eda5b2f25060f492ca139745befba964

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Aug 2024 17:58:29 GMT
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
content-encoding: gzip
server: nginx/1.21.5
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itsecuritynews.info
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true

OPTIONS
H2 204 services
sumome.com/ 0
0 163ms
163ms Preflight 44.237.18.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/services
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.18.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-18-104.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.itsecuritynews.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.itsecuritynews.info
access-control-max-age: 2592000
date: Wed, 21 Aug 2024 17:58:29 GMT
server: nginx/1.21.5

GET
H2 200 2.128b7099bb49bb3a35d0.js Show response
load.sumome.com/ 263 KB
61 KB 15ms
14ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/2.128b7099bb49bb3a35d0.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 3b79efdcfc75af7dcbe2b55ca9778072bf52129086c3693f6a78064a8d41d1e4

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:29 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: HTKFCEZ2BEJ0W63V
cdn-cachedat: 08/08/2024 22:00:02
cdn-pullzone: 1686293
x-amz-id-2: 5zehIZpSJ+VoFX+mT7Yv7sLCwvRepf+MYMqwM4wAo8jbrSN3Twz+JGXt4/501q9W5/crrCnP04c=
last-modified: Thu, 08 Aug 2024 21:59:07 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"b0b764ee4244a460b6960310dea78c10"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 14ed818c48f90c5366977addd8fa593c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 5.128b7099bb49bb3a35d0.js Show response
load.sumome.com/ 61 KB
20 KB 28ms
28ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/5.128b7099bb49bb3a35d0.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: e0f6d39fa437f26806aa507d3b8589a30cf1010d5b77a25c600d99884b1bb32a

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:29 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: HTKBY4QQT755XHN1
cdn-cachedat: 08/08/2024 22:00:02
cdn-pullzone: 1686293
x-amz-id-2: uXE6daeHxf2dbQFkjqgVFat3Z+Zmj1ttIHr1mrWda1/XZAPpY521WToion5NmOC0wB3zalngV+E=
last-modified: Thu, 08 Aug 2024 21:59:07 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"081756b30d4461bfd886fd88549d6be7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 158b962053093c479e131a64e08d2256
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4.128b7099bb49bb3a35d0.js Show response
load.sumome.com/ 220 KB
65 KB 25ms
25ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/4.128b7099bb49bb3a35d0.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 8f9ac9e8be2060e9f9d7ee3ba27c49956725768b54a9623560ee2a7e23c55678

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:29 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: HTK4B6STXS6QERM0
cdn-cachedat: 08/08/2024 22:00:02
cdn-pullzone: 1686293
x-amz-id-2: 5dA1+NwC1f4HpNhjsmg+IRttfSrvEqvFhbwKERBl5d/wJ5v1TS7Qkd4InfDicKI9XWi4jt0F7QY=
last-modified: Thu, 08 Aug 2024 21:59:07 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"ae2acdc1aa1cc2b5961adcc434d95767"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 8a3e202097d42f15e04f64e07189823d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7.128b7099bb49bb3a35d0.js Show response
load.sumome.com/ 215 KB
60 KB 17ms
17ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/7.128b7099bb49bb3a35d0.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: ccb3faf418bb8012e394fa553064fa3cccc984eae8f5963dade26e92258d353d

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:29 GMT
content-encoding: br
cdn-edgestorageid: 1079
x-amz-request-id: HTK2PBH9YYS0RMDT
cdn-cachedat: 08/08/2024 22:00:02
cdn-pullzone: 1686293
x-amz-id-2: rxbAzzS7RvpFtP8Ww8J913VdIeoRIKavCzJDiSxv2A662YzYLHv3DAqlbSmG4AZ5ZTp7FhvPA5I=
last-modified: Thu, 08 Aug 2024 21:59:07 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"f214910f5382f70d642eed0bb1ab5b95"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 7ef11deb55d4ff6c3d09e9e1ac4f5784
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 15.128b7099bb49bb3a35d0.js Show response
load.sumome.com/ 5 KB
3 KB 20ms
20ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/15.128b7099bb49bb3a35d0.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: c220188079c3d1786998b259da31caf70abe4b227d2ef2f3ed80eff9b61d52dc

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:29 GMT
content-encoding: br
cdn-edgestorageid: 1079
x-amz-request-id: JDMSX00VX66RA0SN
cdn-cachedat: 08/08/2024 22:03:23
cdn-pullzone: 1686293
x-amz-id-2: dZYUEwmCR9xsEUpPa1+E6ybqclJplhcicBtwgevY8MOMnxN9x8wc1uRZW7I9Ox+6wi2viA5061o=
last-modified: Thu, 08 Aug 2024 21:59:07 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"740656c06237fd5b3d1ff080f00ce1a0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 32e0166ed56d8bda2c1b9c0bbc7c342b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 3.128b7099bb49bb3a35d0.js Show response
load.sumome.com/ 23 KB
9 KB 23ms
20ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/3.128b7099bb49bb3a35d0.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: d85cb2eced4a00fcb47aeb619ce28da60ef3a9f1e576d02ff6fc2afaa5fe94b7

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:29 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-amz-request-id: DMHTDQV03BKQP6X6
cdn-cachedat: 08/08/2024 22:03:24
cdn-pullzone: 1686293
x-amz-id-2: jZvmlQgxhePsrrSmfsruXKJkE5Ks91rja4WcFPlbPN+Yk+BRTtLQcOTkboS8PABwNN6LpSIEZeQ=
last-modified: Thu, 08 Aug 2024 21:59:07 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"94d1997b4923ab6a1a2b34014d14a491"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: a1c4760e7e74c44adf783a5ebdb9467f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.128b7099bb49bb3a35d0.js Show response
load.sumome.com/ 1011 KB
173 KB 16ms
14ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/9.128b7099bb49bb3a35d0.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 715c2cb1e554cfffa30207b45f30997ff790cc8a60a2280007e5e3e01a914dbb

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:29 GMT
content-encoding: br
cdn-edgestorageid: 1079
x-amz-request-id: ZXFFZSMPQNYYASD3
cdn-cachedat: 08/08/2024 22:03:25
cdn-pullzone: 1686293
x-amz-id-2: vpt1ifytm5sl0Q7WlVdUnPzSSSTjqAdEDjAC6o2Ht/radTpNBfFlG0QXL0yZU6bBevU7/GwOxlI=
last-modified: Thu, 08 Aug 2024 21:59:07 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"39e0c14c14572a19372c160f8be25be7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 32b7a317b6e4d0f79d8f049860737ee4
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.128b7099bb49bb3a35d0.js Show response
load.sumome.com/ 1 MB
72 KB 14ms
13ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/0.128b7099bb49bb3a35d0.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: dcf35eb07989f8b8379b068170f9c9a370760c18df1b61676b0375173f3465a9

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:29 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-amz-request-id: 3NBGPKKMWYV98X1N
cdn-cachedat: 08/08/2024 22:00:03
cdn-pullzone: 1686293
x-amz-id-2: ghq73sRXKb6cJQbTAW6C2KbWpdIfgTtt+FVUDZyOC6PvD5vqEEGPqUBtpa5viU632DtcxCYB4G8=
last-modified: Thu, 08 Aug 2024 21:59:07 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2d7d7426694f6fbf6aeeed057be62495"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 22a39725890565a982581efea774a45f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

OPTIONS
H2 404 rpc
clients6.google.com/ 0
0 144ms
106ms Preflight
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.itsecuritynews.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1564
content-type: text/html; charset=UTF-8
date: Wed, 21 Aug 2024 17:58:30 GMT
referrer-policy: no-referrer

GET
H2 200 shares.json Show response
api.bufferapp.com/1/links/ 130 B
370 B 482ms
443ms Script
text/javascript 104.19.149.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bufferapp.com/1/links/shares.json?url=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan%2F&callback=jQuery1110003271424877563889_1724263108602&_=1724263108603

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.128b7099bb49bb3a35d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.149.92 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f0dafd3197febea91cde5388092fb25700d2a0fc6cfe044591e2324e037dd686

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
etag: W/"82-uF7MQ3ACDdEh5LCfcENGhUWcJIw"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=43200
cf-ray: 8b6c82f52ca71e54-FRA
expires: Thu, 22 Aug 2024 05:58:30 GMT

GET
H3 200 / Show response
graph.facebook.com/ 252 B
368 B 128ms
105ms Script
text/javascript 157.240.0.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan%2F&callback=jQuery1110003271424877563889_1724263108604&_=1724263108605

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.128b7099bb49bb3a35d0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-shv-02-fra3.facebook.com

Software

Resource Hash

479dcb96c14c8078776b88267f9eca658928f4dd034f97320727b4623b21a9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 21 Aug 2024 17:58:29 GMT
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-server-load: 36
x-fb-rev: 1015857474
alt-svc: h3=":443"; ma=86400
content-length: 252
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4331, tp=10, tpl=0, uplat=97, ullat=0
pragma: no-cache
x-fb-debug: aKpYtbWV39LFDw/TQGuSXZWOPKqe8wLQwUy9ETLHOEFSoBDe2yfkEnSqWvY3u0yHiVVCo1r/l8y3Rz6Ian7B6g==
x-fb-trace-id: D9YiDRl+KPb
vary: Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AOsXjvlQMT9NGdbuFkYzUIn
cache-control: no-store
facebook-api-version: v14.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 links.getStats Show response
api.facebook.com/method/ 467 B
418 B 147ms
119ms Script
text/javascript 157.240.0.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/links.getStats?urls=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan%2F&format=json&callback=jQuery1110003271424877563889_1724263108606&_=1724263108607

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.128b7099bb49bb3a35d0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-shv-02-fra3.facebook.com

Software

Resource Hash

473e9cc89cc063e02d8e42bc6c08edffea6e75347562b918ca41aea8ed246fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: zstd
date: Wed, 21 Aug 2024 17:58:29 GMT
x-fb-server-load: 51
x-fb-rev: 1015857474
content-length: 305
pragma: no-cache
x-fb-debug: Bh8ZCuy5qgHeQHAUHR9MGH0VWlW/z6G3LEfm6Y/PqeKTXmpUPp8v5oAmVEZ+JuEQUJoOOnA8jBxuHbb8VK6ZSA==
x-fb-trace-id: HMADHCn6oFS
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-fb-request-id: AlBangITDgPtSTdEnObn-S8
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v14.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST rpc
clients6.google.com/ 0
0

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 164 B
367 B 148ms
107ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?callback=jQuery1110003271424877563889_1724263108608&source=6&url=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan%2F&_=1724263108609

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.128b7099bb49bb3a35d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e39da6bcd82afe6e5dd6ab74c7c3739bc54e519f8a046dfe882b75f0926d472c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 2
accept-ranges: none
x-pinterest-rid: 5353772979703513
expires: Wed, 21 Aug 2024 18:13:29 GMT

GET

button_info.json
www.reddit.com/
Redirect Chain

https://reddit.com/button_info.json?url=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan%2F&jsonp=jQuery1110003271424877563889_17242631086...
https://www.reddit.com/button_info.json?url=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan%2F&jsonp=jQuery1110003271424877563889_1724263...

0
0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbd3b16a0625711c64c0adeb38ed9c41a069ca2bbc07d00a14bcb369e02eda45

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 googleplus-white-60.png
load.sumome.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ 20 KB
21 KB 14ms
14ms Image
image/png 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load.sumome.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/googleplus-white-60.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 568c290163b0a0957dc9a588116a279f2b47ce42ecc08a9033162c594a7413c6

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:29 GMT
cdn-edgestorageid: 1079
x-amz-request-id: YFXBT3J9W91TDYTM
cdn-cachedat: 07/24/2024 22:41:29
cdn-pullzone: 1686293
content-length: 20477
x-amz-id-2: YXYCvWbEADMzXkyeWyMN1IaYUi6YIc/IV9sks3XC+s0MUjivsqzcvZhPy5l7aQaBScRmoRkABEU=
last-modified: Wed, 24 Jul 2024 17:03:05 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "3ee5518d81df555f158d0b9f8afc3d9e"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 832adb6525e2b332f4e1b651e3396700
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53c0a264444053b235b6d81b4da620684ddce50d6326798a1a536f9e269d5f52

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6d248d1bca62a13f7a5a6363736e10b4858dd4cc539aaf0018b40b036ac5757

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sumome-white-60.png
load.sumome.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ 16 KB
16 KB 16ms
16ms Image
image/png 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load.sumome.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/sumome-white-60.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 8ed77676d10661c0467f600237ee68475d3d4e58993e200cd953ae54132a0e24

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 17:58:29 GMT
cdn-edgestorageid: 1080
x-amz-request-id: V533HJ2R0EBBQH6J
cdn-cachedat: 07/24/2024 15:58:19
cdn-pullzone: 1686293
content-length: 16033
x-amz-id-2: 3NiG5ZyAIN/OO1Xle9FepSS8dgnzf5JywUoFE9u4W7j4FrRrvnkpqJHn14ZYZPMIJpHHY+7mcsQ=
last-modified: Wed, 24 Jul 2024 15:49:37 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "41b89a0b07f71fa603b49342a98a4769"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 55ecae9d6e5d0e7dd10441c5620cb16f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

OPTIONS
H2 204 features
sumome.com/api/site/35393a038f26cd18d430102662c132eb98f4fe5e77a5bee3346b81c887c35f23/ 0
0 164ms
164ms Preflight 44.237.18.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/api/site/35393a038f26cd18d430102662c132eb98f4fe5e77a5bee3346b81c887c35f23/features?site_id=35393a038f26cd18d430102662c132eb98f4fe5e77a5bee3346b81c887c35f23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.18.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-18-104.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: GET
Origin: https://www.itsecuritynews.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.itsecuritynews.info
access-control-max-age: 2592000
date: Wed, 21 Aug 2024 17:58:30 GMT
server: nginx/1.21.5

GET
H2 200 features Show response
sumome.com/api/site/35393a038f26cd18d430102662c132eb98f4fe5e77a5bee3346b81c887c35f23/ 3 KB
2 KB 178ms
178ms XHR
application/json 44.237.18.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/site/35393a038f26cd18d430102662c132eb98f4fe5e77a5bee3346b81c887c35f23/features?site_id=35393a038f26cd18d430102662c132eb98f4fe5e77a5bee3346b81c887c35f23

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.128b7099bb49bb3a35d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.237.18.104 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-18-104.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

696481940b82a383d3eeecbcc1d6e6cc1fbc59d3bd96de252adafb1676f86802

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-Sumo-Auth: undefined

Response headers

date: Wed, 21 Aug 2024 17:58:30 GMT
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
content-encoding: gzip
server: nginx/1.21.5
etag: "91999060"
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itsecuritynews.info
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

GET
H2 200 features Show response
sumome.com/api/site/35393a038f26cd18d430102662c132eb98f4fe5e77a5bee3346b81c887c35f23/ 3 KB
433 B 352ms
172ms XHR
application/json 44.237.18.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/site/35393a038f26cd18d430102662c132eb98f4fe5e77a5bee3346b81c887c35f23/features?site_id=35393a038f26cd18d430102662c132eb98f4fe5e77a5bee3346b81c887c35f23

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.128b7099bb49bb3a35d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.237.18.104 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-18-104.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

696481940b82a383d3eeecbcc1d6e6cc1fbc59d3bd96de252adafb1676f86802

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-Sumo-Auth: undefined

Response headers

date: Wed, 21 Aug 2024 17:58:30 GMT
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
content-encoding: gzip
server: nginx/1.21.5
etag: "91999060"
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itsecuritynews.info
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

OPTIONS
H2 204 features
sumome.com/api/site/35393a038f26cd18d430102662c132eb98f4fe5e77a5bee3346b81c887c35f23/ 0
0 164ms
164ms Preflight 44.237.18.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/api/site/35393a038f26cd18d430102662c132eb98f4fe5e77a5bee3346b81c887c35f23/features?site_id=35393a038f26cd18d430102662c132eb98f4fe5e77a5bee3346b81c887c35f23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.18.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-18-104.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: GET
Origin: https://www.itsecuritynews.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.itsecuritynews.info
access-control-max-age: 2592000
date: Wed, 21 Aug 2024 17:58:30 GMT
server: nginx/1.21.5

POST
H2 200 jsonpcallback Show response
sumome.com/api/ 16 B
327 B 169ms
168ms XHR
application/json 44.237.18.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/jsonpcallback

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.128b7099bb49bb3a35d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.237.18.104 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-18-104.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 21 Aug 2024 17:58:30 GMT
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
server: nginx/1.21.5
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itsecuritynews.info
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

POST
H2 200 jsonpcallback Show response
sumome.com/api/ 16 B
327 B 167ms
166ms XHR
application/json 44.237.18.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/jsonpcallback

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.128b7099bb49bb3a35d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.237.18.104 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-18-104.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 21 Aug 2024 17:58:30 GMT
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
server: nginx/1.21.5
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itsecuritynews.info
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 15ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q7N4Z84JJY&gtm=45je48j0v872226670za200&_p=1724263108084&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tcfd=1000h&tag_exp=0&gdid=dZTNiMT&cid=1707559405.1724263109&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEA&_s=2&sid=1724263108&sct=1&seg=0&dl=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan%2F&dt=Previously%20unseen%20Msupedge%20backdoor%20targeted%20a%20university%20in%20Taiwan&en=scroll&epn.percent_scrolled=90&_et=2&tfd=7255
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q7N4Z84JJY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.itsecuritynews.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 17:58:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.itsecuritynews.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: clients6.google.com
URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Domain: www.reddit.com
URL: https://www.reddit.com/button_info.json?url=https%3A%2F%2Fwww.itsecuritynews.info%2Fpreviously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan%2F&jsonp=jQuery1110003271424877563889_1724263108610&_=1724263108611

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.itsecuritynews.info/	1970-01-20 23:40:55	Name: __smVID Value: 1b5dc80a8cc31f3ffac0b0da04c930e52fd25fa3ef2b4588d29816244b5acced

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.itsecuritynews.info/previously-unseen-msupedge-backdoor-targeted-a-university-in-taiwan/ Message: Access to XMLHttpRequest at 'https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ' from origin 'https://www.itsecuritynews.info' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.bufferapp.com
api.facebook.com
clients6.google.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
graph.facebook.com
lh3.googleusercontent.com
load.sumome.com
pagead2.googlesyndication.com
pixel.wp.com
region1.google-analytics.com
sorinmustaca.com
stats.wp.com
sumome.com
widgets.pinterest.com
www.googletagmanager.com
www.itsecuritynews.info
www.reddit.com
clients6.google.com
www.reddit.com
104.19.149.92
142.250.186.174
151.101.128.84
157.240.0.13
172.217.18.2
192.0.76.3
2001:4860:4802:32::36
2400:52e0:1e00::1080:1
2a00:1450:4001:800::200e
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200e
2a01:238:20a:202:1079::
44.237.18.104
03d1e3014a0a79d4f9fc9fddc91688deef96a0b0ee2f16b97d6b0dc36dd64032
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
134ac96d76a4f225d05140f23f88f070fe81fab36eab4cc2b7155ead0e0fceb5
13b1651007e9efab9e479b1a61ee0bb405425813e2fb6a131065c1133be9f620
15673ab5fd5e54710da7305c6a1bbd36c72e115cf01f112412f86a1bd279b389
177c63f8ed110cccfe81ea2fa9e0ced72e159b7d7a514bccb58c33e7e08769c5
1d250367bfab451a71f4c165834597196bbc37631233d755364a1d990b9af336
1ea2ad59c34bbe820d9057d67c6bef66641647d12420dc09c9c37432536cfb59
21274801bf1d0bf4ac0aa5babe4fa83a733d332a55b2665b168d073486170ae8
243fac45c341f7dd99dc4482268b90f65842fe52d7970bf1f6f5523a3067f045
2623f1723abdfd03c0ca4b6a4bc615bb462ea4d0583c68a6e448f0d392a9b924
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
32c19b2053974b453ac50303393f01947100385c292a9d5e842f819577e7a7e1
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3b79efdcfc75af7dcbe2b55ca9778072bf52129086c3693f6a78064a8d41d1e4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
448c2c8f586e597e18732391de3038defacd4fc0e67f1ff0378d0a62e2949f7a
473e9cc89cc063e02d8e42bc6c08edffea6e75347562b918ca41aea8ed246fac
479dcb96c14c8078776b88267f9eca658928f4dd034f97320727b4623b21a9d5
4c0d062499925774ccdfb7385416a5c46ec5ce32b76e7b6f717f6412ae6945db
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53c0a264444053b235b6d81b4da620684ddce50d6326798a1a536f9e269d5f52
568c290163b0a0957dc9a588116a279f2b47ce42ecc08a9033162c594a7413c6
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5fde115b862f5d3c716bcf7336c96ee528b89737270be6ede81c845996215878
696481940b82a383d3eeecbcc1d6e6cc1fbc59d3bd96de252adafb1676f86802
7141c8d0e5f85df97290c3ebbc61021bfa7a7453b9e8dd0294598541eb392b57
715c2cb1e554cfffa30207b45f30997ff790cc8a60a2280007e5e3e01a914dbb
7856761653ebf44869cf299328794f28de3713f732e580e0b628e50a0ed39938
7a8981de6c6152a3b609d2f79eb3558ec33af828b09a870ee01e37a5c81fc30c
7c21256b7b0a7cefb3592ecf6473df263e0e5dfcefcfc72bc5864e22589916ea
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82fbcdbe0b2bdc9a7619c5a99684e09abeb12a11c7dcc5e6e3ed2227ee4461b0
8706d36d880dd99a1cd4b9a2f9e63ebebec3349b9fd0e25fb4b4981cb305b052
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
8ed77676d10661c0467f600237ee68475d3d4e58993e200cd953ae54132a0e24
8f9ac9e8be2060e9f9d7ee3ba27c49956725768b54a9623560ee2a7e23c55678
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9763afd6a6519e38f624d3d326eb5bfd45f51c220db97c320ee58b05f7782bfa
97ac9767d44365a2b17cb263a8698bacdaa7a267bc2bb98245a90033ba7aa482
9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642
9f758e46392ab6531b32122d0f433db420fd4f7aa44362a123b39665fce0255d
a440e5e184d52445e8170035727d8d11d82cd6df3fc3048f18499c8acf3b8df6
a68827190bc01a61ee0a62ec59efa74497a6bc5aa8586f1fac50a58d0cf42d88
ad8edffa909894ebca0324a896b68175eda5b2f25060f492ca139745befba964
af0999507a6b9e683f1fec6f6c55c1d54745ffdf6ed2767e3ac1827f65678b15
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bbd3b16a0625711c64c0adeb38ed9c41a069ca2bbc07d00a14bcb369e02eda45
c15a9b4fd821f17a65ff15a8510a297f5ea12f7b645e16e34433a9da210d41ad
c220188079c3d1786998b259da31caf70abe4b227d2ef2f3ed80eff9b61d52dc
c6d248d1bca62a13f7a5a6363736e10b4858dd4cc539aaf0018b40b036ac5757
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccb3faf418bb8012e394fa553064fa3cccc984eae8f5963dade26e92258d353d
d85cb2eced4a00fcb47aeb619ce28da60ef3a9f1e576d02ff6fc2afaa5fe94b7
dcf35eb07989f8b8379b068170f9c9a370760c18df1b61676b0375173f3465a9
dff8d345d9d13a3d169ea3bba4dfc47187c8a24d5a226e597ed489a14968b197
e0f6d39fa437f26806aa507d3b8589a30cf1010d5b77a25c600d99884b1bb32a
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1e2c6d21331d53eee41af373c0a862a63f3a2089d9ae07fd36daab4f2b86ea8
e39da6bcd82afe6e5dd6ab74c7c3739bc54e519f8a046dfe882b75f0926d472c
e3aa1e897e561c66d536427b4b9e52d8137e9b8f9830ecc562eae5e84bf39181
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fb219c43ead124bf3a8fda1c4e577fd02821ecaae82b96144360dfca98c156
edb6c7358824cfc0cb6ebb6cc13224599ef3a4cb5ee44cc06367517c7b101e87
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dafd3197febea91cde5388092fb25700d2a0fc6cfe044591e2324e037dd686
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3b2304f341757a530b562cb7b472cfc94dd50fa234dcb2658780604a1b3e356
f58ef317a437883e2baa7e98d73af912859b7cc7c10ecd79e97aa0ea974ba896
f8d1a516a91e8ec8ee0d1e85f26af0386c2e8eb19531aef7f56bd2ed0b7afbbd

www.itsecuritynews.info Open in urlscan Pro 2a01:238:20a:202:1079:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

84 Requests

95 %HTTPS

56 %IPv6

15 Domains

19 Subdomains

17 IPs

3 Countries

1881 kBTransfer

6824 kBSize

1 Cookies

6 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.itsecuritynews.info Open in urlscan Pro
2a01:238:20a:202:1079:: Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

95 %
HTTPS

56 %
IPv6

15
Domains

19
Subdomains

17
IPs

3
Countries

1881 kB
Transfer

6824 kB
Size

1
Cookies

84 HTTP transactions
5 data transactions