urlscan.io logo urlscan.io
SecurityTrails logo

securityonline.info Open in urlscan Pro
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d  Public Scan

Go To Rescan Add Verdict Report
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Submission: On April 17 via api from IN — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 12 domains to perform 120 HTTP transactions. The main IP is 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is securityonline.info. The Cisco Umbrella rank of the primary domain is 495536.
TLS certificate: Issued by E5 on April 13th 2025. Valid for: 3 months.
This is the only time securityonline.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
securityonline.info
g.ezoic.net
1    172.67.199.186 (United States)

ASN13335 (CLOUDFLARENET, US)
privacy.gatekeeperconsent.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
35    172.67.134.242 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-0.securityonline.info
2    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
1    2a00:1450:4001:813::200e (None, )

ASN- ()
fundingchoicesmessages.google.com
10    172.67.170.144 (None, )

ASN- ()
www.ezojs.com
1    142.250.185.238 (None, )

ASN- ()
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
37 securityonline.info
securityonline.info — Cisco Umbrella Rank: 495536
cdn-0.securityonline.info — Cisco Umbrella Rank: 665374
306 KB
10 ezojs.com
www.ezojs.com Failed
20 KB
5 ezoic.net
g.ezoic.net
343 B
2 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2357
52 KB
2 google.com
fundingchoicesmessages.google.com Failed
accounts.google.com Failed
news.google.com Failed
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
4 KB
1 gatekeeperconsent.com
privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 42631
the.gatekeeperconsent.com Failed
1 KB
0 gstatic.com Failed
fonts.gstatic.com Failed
0 buymeacoffee.com Failed
cdn.buymeacoffee.com Failed
0 addtoany.com Failed
static.addtoany.com Failed
0 googlesyndication.com Failed
pagead2.googlesyndication.com Failed
0 googletagmanager.com Failed
www.googletagmanager.com Failed
120 12
Domain Requested by
35 cdn-0.securityonline.info securityonline.info
cdn-0.securityonline.info
10 www.ezojs.com securityonline.info
5 g.ezoic.net securityonline.info
2 secure.gravatar.com securityonline.info
2 fundingchoicesmessages.google.com securityonline.info
2 fonts.googleapis.com securityonline.info
2 securityonline.info securityonline.info
1 privacy.gatekeeperconsent.com securityonline.info
0 fonts.gstatic.com Failed fonts.googleapis.com
0 news.google.com Failed securityonline.info
0 accounts.google.com Failed securityonline.info
0 cdn.buymeacoffee.com Failed securityonline.info
0 the.gatekeeperconsent.com Failed securityonline.info
0 static.addtoany.com Failed securityonline.info
0 pagead2.googlesyndication.com Failed securityonline.info
0 www.googletagmanager.com Failed securityonline.info
120 16
Subject Issuer Validity Valid
securityonline.info
E5		 2025-04-13 -
2025-07-12		 3 months crt.sh
gatekeeperconsent.com
WE1		 2025-04-14 -
2025-07-13		 3 months crt.sh
upload.video.google.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
cdn-0.securityonline.info
WE1		 2025-03-25 -
2025-06-23		 3 months crt.sh
gravatar.com
E5		 2025-04-15 -
2025-07-14		 3 months crt.sh
ezoic.net
E6		 2025-03-13 -
2025-06-11		 3 months crt.sh
*.google.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
www.ezojs.com
WE1		 2025-02-22 -
2025-05-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Frame ID: 415137909304D22D761EC4C2C648B4B5
Requests: 120 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

120
Requests

49 %
HTTPS

44 %
IPv6

12
Domains

16
Subdomains

10
IPs

3
Countries

388 kB
Transfer

1563 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

120 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/ 		155 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d5b24a2b4bea863b0386349e3a8f1d0fa2403a28db5bf4113686e30ba3c60e0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 17 Apr 2025 13:41:15 UTC
display
orig_site_sol
expires
Wed, 16 Apr 2025 13:41:15 GMT
link
<https://securityonline.info/wp-json/>; rel="https://api.w.org/", <https://securityonline.info/wp-json/wp/v2/posts/106212>; rel="alternate"; title="JSON"; type="application/json", <https://securityonline.info/?p=106212>; rel=shortlink
pagespeed
off
response
200
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding,User-Agent
x-ezoic-cdn
Hit d2;mm;ff216cb8dd73348e2c83d6d9cd39583a;2-124533-241;oMgr0xwVuC6z2tsZq3DGg
x-middleton-display
orig_site_sol
x-middleton-response
200
x-origin-cache-control
x-sol
orig
tcf2_stub.js
privacy.gatekeeperconsent.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy.gatekeeperconsent.com/tcf2_stub.js
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
925beb768cc9209c0f4de784f15d6c1dde72232c5b457cb186fdea749d07eae8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=15780000, public
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B4WwfEP2nFBF1WwxDM0pQpTwdxSyw4RyNxflO3Qc7%2BxF46GHJHBTPiyJo%2FSxhrbgsnfr%2FgHGZZ%2BXC6sJwS3TKAG3eCXXsSukV93527EypHyZMPHNdBX55J4Ri8UKzibs%2FZmwrxHkj7aDAKZUkM3bdA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
931c56c5bbc9d71e-CDG
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14622&min_rtt=14413&rtt_var=3333&sent=9&recv=9&lost=0&retrans=0&sent_bytes=3646&recv_bytes=3181&delivery_rate=35126&cwnd=12000&unsent_bytes=0&cid=eae4ca5fb198d966&ts=46&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		0
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,700|Open+Sans:400,700&subset=latin&display=swap
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
49e967358d283778213b57a79bda101f744420ffde08f2ca4446431afe9eb832
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://securityonline.info
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 17 Apr 2025 13:41:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Apr 2025 13:41:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 17 Apr 2025 12:41:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
wgs2.css
cdn-0.securityonline.info/wp-content/plugins/wp-google-search/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-google-search/wgs2.css?ver=6.7.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6261240ed0f12a5cc73e1a74452182697f4b09560cdfbb3b2f17e0659a2f7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62eaa675-a60"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VROVJd8k5VKldzD2NVbhD5UI7W4qbRlHTgftue9J%2FsYDWBV1Iu7E9ZHWk775saTtSLXf5Pfr1SshgLynTyIeVqFn70TOBTvIvmP7LekbuXHlhi5GxRUgHqGE%2BhKbAeQ0RMhafTqMH2ftZuOk"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=38&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Wed, 03 Aug 2022 16:46:45 GMT
x-ezoic-cdn
Hit d2;mm;f4313cb9f2661fe42ca005dab99213fb;2-124533-241;AbyLDZjz-PPOsRbCVplXl
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5deac0496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
all.css
cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/fontawesome/css/ 		137 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/fontawesome/css/all.css?ver=3.6.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91752443751aedc9683727a5dccfb20edf4b9b33a836495eeb5d7562a96df570

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67fc6fc3-22404"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ks0kfAj%2FFWAzIvxWNh0%2BrBr%2FNWleWAATF3MmIu69YopmwuU1UDHeLK9TCkQicEOmNk7%2F6uPnRM4py62JYnJgBA7sAwK9IX618nytGyry%2FwfQEuSckBdZ3WL%2FxYqZcXpMTu4Up9CHt0ePnsNf"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=40&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Mon, 14 Apr 2025 02:15:31 GMT
x-ezoic-cdn
Hit d2;mm;8c6895a471655208b224f8518fadc1d5;2-124533-241;wdNegcw6Ur_mnmN0z9mi9
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5dea90496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
blocks.style.build.css
cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/dist/ 		40 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/dist/blocks.style.build.css?ver=3.6.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
742d679ba576278f333b0b1d0702f57ba04ee78ae121fc67e25aaa19e2c2141a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67fc6fc3-9f15"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10wfT1AxoX806x7aSMN10ArN8%2BlSfon1GcJwudknktixzKIms6zDAKLOGs%2FAEW1NbRtuH1Gn8PKCIHbZKqOB4QXHc4Cupkf0BHKwMNValV7RDupSBXi118f8UayVaM%2FSTn1%2BNgXd3qCNdsZo"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=38&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Mon, 14 Apr 2025 02:15:31 GMT
x-ezoic-cdn
Hit d2;mm;dfa5f6a48fce4e6350dc842cc22bbdcb;2-124533-241;dXoDc18K46LSZvQfOV5yV
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5deaa0496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
style.min.css
cdn-0.securityonline.info/wp-includes/css/dist/block-library/ 		112 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"673bdd27-1c012"
age
96421
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cI7PB8XyWdIlY9%2Br%2B7CXhd%2FH6KAHxTpXGt7u3C4K5jVd27Ovi4qh5fvkqGHD3bqkHIWK3HB5yIeNk39cMlVNv%2F%2BWPWe69w5M5k4Ziflnq%2BMHb2mNZJ4D2P5Qk1JGylJvHKiHgJ6YxRlIDtUi"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=37&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Tue, 19 Nov 2024 00:34:47 GMT
x-ezoic-cdn
Hit d2;mm;aa9fe18b3f76d223fa47b5eba5ada9c5;2-124533-241;1qobZxBVNmB5chXI2vfEI
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5dea80496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
chainwire-public.css
cdn-0.securityonline.info/wp-content/plugins/chainwire-integration/public/css/ 		339 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/chainwire-integration/public/css/chainwire-public.css?ver=1.0.24
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03ff3c5e90f8a490583e6234244a83fe547ed8e37da298c9014b35f467f3cc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6788bb8a-153"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o6UOess%2FhZD8aEfpLzLpQDWvf%2BjESCBL65HJVFuUJ6BU04fs1EWO3X5BE%2BdVTZH0Vw0NW%2BxBxXEuDRALvaPXRMFnXI9UBz6ihhXdXTk3MZPk49F4%2BO3oHTa%2FD6zSZ8R0qANJ3KBX5FvfhAGu"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=38&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Thu, 16 Jan 2025 07:55:54 GMT
x-ezoic-cdn
Hit d2;mm;61dc35e74a9e94e06b9eecfc47d38e25;2-124533-241;d_d6Gh4b0pNlpBKvL9Khl
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
931c56c5deb30496-CDG
accept-ranges
bytes
content-length
223
x-origin-cache-control
max-age=2592000
server
cloudflare
kk-star-ratings.min.css
cdn-0.securityonline.info/wp-content/plugins/kk-star-ratings/src/core/public/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.10.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67a5ab7e-8d3"
age
84309
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kF9DcJXT%2B7eDW1J5Mda%2BRCAm0jJYj5ryj2q%2FnaB3BtI34A0is20kgpJ%2BV%2Bg3IAf%2FW%2FMBM5vnwg2ZuCCtpYGQwWwIT4BDFbIuUK0AluoUa5UOq715ZVN3uQkU2LFLuYhpj7h7OqlAScD1r5xe"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=48&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Fri, 07 Feb 2025 06:43:10 GMT
x-ezoic-cdn
Hit d2;mm;88a0fd230739e2af68393569f5f09b23;2-124533-241;5DYgc29lNoPV3f2gH7c9l
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5deb00496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
awpa-frontend-style.css
cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/css/ 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/css/awpa-frontend-style.css?ver=3.6.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9c8b24e061fad8a69ab19708299952d79803d5065321138d273a6098d5ffabc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67fc6fc3-8963"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GYJ9W3NFLhYP5dYpiQNmjNsSw7j7ZWz328D9H67v4Gk2G0CdA9Jvn2kq6i3%2FNwvae8gREPmQ4coI7pZAPcyXXyh%2BIVytTC0k4nReCnW52wEPdxbveItsdp8oO5NHiQU7NKs2QmB9Rs5%2FI2da"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=39&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Mon, 14 Apr 2025 02:15:31 GMT
x-ezoic-cdn
Hit d2;mm;8af45c165ca18818d834ef8348b3cf08;2-124533-241;UMxOGePMbt4gCMST6Kk8M
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5deb40496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
bootstrap.min.css
cdn-0.securityonline.info/wp-content/themes/morenews/assets/bootstrap/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/bootstrap/css/bootstrap.min.css?ver=1.0.35
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebf968e400976b579ea9dcff5f0bc247a2b2371f9ce49c3b5829da4b7179f4f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67f892cf-1d988"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v5w5T%2B1UvlQrL%2FSaPbVCjFxC1aqPuP%2B1d92hcCPcw8ZU%2Fa76BTa%2B1r1faPtNdWeP0KFuoGRZocy4Nihov3QNRivi%2FsT7f4crwtgoAIQ7ornSpEkZ8gNkMOV17VWrbVbqu49AJl97YNu5081c"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=39&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Fri, 11 Apr 2025 03:55:59 GMT
x-ezoic-cdn
Hit d2;mm;3ed6b480342a3c5ba802ce4b53884ad9;2-124533-241;0nQgJVJr9nvkI4fEaEUdV
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5deb70496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
style.min.css
cdn-0.securityonline.info/wp-content/themes/morenews/ 		308 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/style.min.css?ver=1.0.35
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dcda053fdba8ee13ea18d6c732ea35ea412b90900f0fa8c0594d0763057c83a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67f892cf-4d027"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zjyiaCMc0KAY3SzbjdwcmRcrOD9cFjfxljn7%2BnOG0l6CppkRPKKd3L5gVchr4VG0gn0sUh1nvsu6y8qWqdEjm0uTJqOulLCWEYRH8lDKgXzCHbJq5PM%2FNi64%2BcDl8ttVkIv%2BVYwzPT8F%2Fxhm"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=41&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Fri, 11 Apr 2025 03:55:59 GMT
x-ezoic-cdn
Hit d2;mm;c76b0e4c542098b33b97080becf3f7fa;2-124533-241;hNhb5tSobIU5bxvpU76_Z
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5deb50496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
style.css
cdn-0.securityonline.info/wp-content/themes/globalnews/ 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/themes/globalnews/style.css?ver=1.0.35
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b095b652e0f96d69436c32508f26f4f515fc9316c96fc500d20036a2d8a932cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67ee4e71-3ecc"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22dTGBGQvk1fW1QPGsVTs6VE3uq8auEIE6at3O4qaesqpY%2F5RUTcRJMtW405pEX7zPs5MiKx5VZik01q5FurPHnl1iY2FFvgpwNEBIy9ixDtmZc%2BPiDHBlff3iOWI4FBKCsf31%2FMUwcqYuKg"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=39&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Thu, 03 Apr 2025 09:01:37 GMT
x-ezoic-cdn
Hit d2;mm;e50602bb3535dff8657bf156528e894d;2-124533-241;dog3GIAqV8NDuoah5n7bN
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5deb10496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
style.css
cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/style.css?ver=6.7.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
671c8dfa1598c8cf4f3376ae302eb0488578d9ef2b496d3874b223a02558bbae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67f892cf-1470"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RRD%2B1Dq1bGci4bxy8r1ftgzJOeDYKvNJFhirtXUnyYJv%2BojTzzih5CuZxGA7wtGgo6EaQ9t8nU%2Fao2yvhtAu%2Bo4jyIlGVPJ9zGfUE2UC0Nx4vgA8iZo%2BH2xRUmMHhe3bnMbsUhC51URIn5Md"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=39&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Fri, 11 Apr 2025 03:55:59 GMT
x-ezoic-cdn
Hit d2;mm;36bab443be97989644f837d0d610054a;2-124533-241;w4EWU2djXMbTNzktiOKzR
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5deb60496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
slick.min.css
cdn-0.securityonline.info/wp-content/themes/morenews/assets/slick/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/slick/css/slick.min.css?ver=6.7.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dacfc90d0a9df9baf0f9059db213f281d6ec726aa772d2b39d82e4293bac1f63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67f892cf-530"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SGcmcxY98fGeHJDpB7jZlDexmSg6E1L2vwO0jnLOzCzA91OQT54sxREtjbx7R6oLuYEoZZ%2BcKY0cbclrBOxZaBuZlXp4M54bSEvcHGeJ2lfCEecAlGN5xO261PPS4gvEkAlPoaoLz3fztM89"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=54&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Fri, 11 Apr 2025 03:55:59 GMT
x-ezoic-cdn
Hit d2;mm;98f3835753f6ff8a3791c1905d057c21;2-124533-241;BofeKzZ4T4BLRGmAC1ALw
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
931c56c5deb20496-CDG
accept-ranges
bytes
content-length
487
x-origin-cache-control
max-age=2592000
server
cloudflare
jquery.sidr.dark.css
cdn-0.securityonline.info/wp-content/themes/morenews/assets/sidr/css/ 		998 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/sidr/css/jquery.sidr.dark.css?ver=6.7.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cdd05aeb1a1aacb2b016e3dd6e617b6b4b948c17624749bcbcbdbf17d7de3aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67f892cf-3e6"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bH%2BdpfYID9tuUXX7EGHIZS7MzcLMvSSZ1zph1gAn8yzfST2MAxKfkfKrHJmxg6hLQy4XlYcCLrtadv8Z6eDMD0q99cCuKA5cVnM%2BWyQQ71n7WBHpwHPmpj%2BKsVcZTH%2BPYS7kOZD4%2Biz4kXTx"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=39&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Fri, 11 Apr 2025 03:55:59 GMT
x-ezoic-cdn
Hit d2;mm;43337e961da4d458fd5c343ccfa64ed3;2-124533-241;t_Y_iN-GKuuUjHfaMHs1s
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
931c56c5deb80496-CDG
accept-ranges
bytes
content-length
428
x-origin-cache-control
max-age=2592000
server
cloudflare
magnific-popup.css
cdn-0.securityonline.info/wp-content/themes/morenews/assets/magnific-popup/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/magnific-popup/magnific-popup.css?ver=6.7.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67f892cf-1b27"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Se1YpyW0JZu2dgUVNycU6RgjZESRZzO0J7ZoJZTRIfBSTbnqqUqsT93nBz5VXY7G4pMZ1G%2Bthh5XaWvPS7p45jzePJTV7%2BfKjM%2BaXUku21ON7o46i00Ju7I2v4fLHvUtObgeay%2BPDEZsfuNZ"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=40&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Fri, 11 Apr 2025 03:55:59 GMT
x-ezoic-cdn
Hit d2;mm;dd5e313fdbaca9343ed914bbd9dfb4d2;2-124533-241;lVXuxMRanwOQCMEO27Nop
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5debb0496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
addtoany.min.css
cdn-0.securityonline.info/wp-content/plugins/add-to-any/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"677b8ecb-644"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xDsNeX8mopLpyCvzcWEp%2Fma90XLdQYTrJLxkc%2BDnTPYCQMzqfFJLMh7243AZV78HAJX4bJGgkKTLd9gIJM3r8%2BpoNwuUym7WnML4JeeorTTlBjRFMnmDcDvuMnd5RyN2MJrnMAOqhH%2BIxnXo"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=42&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Mon, 06 Jan 2025 08:05:31 GMT
x-ezoic-cdn
Hit d2;mm;bb30d6c1ad283294e563278d7bc3d689;2-124533-241;0bq5gvzMCaBeHKb5O2gSV
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5deb90496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
page.js
static.addtoany.com/menu/ 		0
0
jquery.min.js
cdn-0.securityonline.info/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6550ceb4-15601"
age
292146
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2Fl9hTHJ6yGy5kizagbT0jV17LqkzsPMsWV9SvL5jS%2BYyua4DB5dIZSP0tPVJV2bs7zSVq1YAuTa9k8Tpz1aG8gKLgKIIiTa2Z3fXf9zF9saeZzegjIqiK%2FidnzlHn%2FOGOG8t2Ki4ywph9Rs"}],"group":"cf-nel","max_age":604800}
response
200
expires
Wed, 14 May 2025 04:32:09 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=39&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Sun, 12 Nov 2023 13:10:12 GMT
x-ezoic-cdn
Miss
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5deba0496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
jquery-migrate.min.js
cdn-0.securityonline.info/wp-includes/js/jquery/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"64dcb055-3509"
age
292146
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CiPVw%2FLxKbkgR8ua2nnwyhjP9b3tMd2frZIckgvxIoPZ0diIdC0lTJPoeay7S2HyrPT7QgbN0L7BECd2rmcalGoeKQRjL94SZmeHyqeT42OBZNHORZoRNatsNKDJdilRB2YG8UvyiWmsVr%2Fm"}],"group":"cf-nel","max_age":604800}
response
200
expires
Wed, 14 May 2025 04:32:09 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=42&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Wed, 16 Aug 2023 11:17:41 GMT
x-ezoic-cdn
Miss
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5debc0496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
addtoany.min.js
cdn-0.securityonline.info/wp-content/plugins/add-to-any/ 		0
0
aalstats.js
cdn-0.securityonline.info/wp-content/plugins/wp-auto-affiliate-links/js/ 		989 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-auto-affiliate-links/js/aalstats.js?ver=6.7.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
265d49b8ace56978d396dd031f6b88cc3239ffbbd7f0fc2253ce0e6f1ee99020

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67fc6fa4-3dd"
age
292146
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBHtVug5JPkeJFkXy2VeXqANhgenr4YZ5fHKQdRuwem4oCvePDvtKdKJC1l3FSaW8DSpWcPXRK%2BbvLZpOg5S9%2BhNmpLvCQSx1EZdPGCUTkEiglXHKDrbsfxf%2BCTIfymEu9HWxt1oQ6xQWePd"}],"group":"cf-nel","max_age":604800}
response
200
expires
Wed, 14 May 2025 04:32:09 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=39&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Mon, 14 Apr 2025 02:15:00 GMT
x-ezoic-cdn
Miss
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
931c56c5deab0496-CDG
accept-ranges
bytes
content-length
430
x-origin-cache-control
max-age=2592000
server
cloudflare
awpa-frontend-scripts.js
cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/js/awpa-frontend-scripts.js?ver=3.6.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71e8d2faa3c5225c0b00c72bc6a6cefabbb24d3a662fab738bef052117914c9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67fc6fc3-6c5"
age
292146
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HEwxIMZI43DNqM2zS6lfKLeRtBRIealRfpRCVCWc3qIY8wu%2F7CshkFqDbcTa5iOnfu%2FTVs2vkYG6xcWnOpqV1trESZD8d%2BkUoRsVd4aGM4BX1njI23dmCE0AzzcmpcNgba8SH%2B27ip6aMK5n"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=42&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Mon, 14 Apr 2025 02:15:31 GMT
x-ezoic-cdn
Hit d2;mm;1546de1d33d2c20b8c8a4f0a0c3e1fe6;2-124533-241;FLdZyOjozVnxVt__oNZ1Q
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c5deae0496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
background-script.js
cdn-0.securityonline.info/wp-content/themes/morenews/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/background-script.js?ver=1.0.35
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f80283c6f1c140fa52e72e8efa51bd9129f08c806e0f2d2d08c3add2de9c8b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67f892cf-4dd"
age
292146
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=exJMd1cu7wZgfPH1eOI0HJLWBb4v2JyCNk1X5uEbZOjyPm9X3vfcIF2iAKozASoIxO%2FaoFMTgj6MVB4sdr6as%2BVQ8oE1wcpvIijrT6Z5z6MYvbj3CU36XQfyb8SX2xaMgx3YaiWbi0mHV3lM"}],"group":"cf-nel","max_age":604800}
response
200
expires
Wed, 14 May 2025 04:32:09 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=40&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Fri, 11 Apr 2025 03:55:59 GMT
x-ezoic-cdn
Miss
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
931c56c5deaf0496-CDG
accept-ranges
bytes
content-length
467
x-origin-cache-control
max-age=2592000
server
cloudflare
pub-4215883460048988
fundingchoicesmessages.google.com/i/ 		0
0
cmp.js
the.gatekeeperconsent.com/v2/ 		0
0
720-90.gif
cdn-0.securityonline.info/wp-content/uploads/2025/04/ 		274 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.securityonline.info/wp-content/uploads/2025/04/720-90.gif
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

cf-cache-status
HIT
etag
"67ff2be5-47e44"
age
120023
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWyULzC5sAavWbIe7DqOe4JqKZoNH12oXbbkINQozWS3VNvuyFoV7oXiUpdWaCNRaVBX4UX0jKvqIiGTKlj4zbZ1uFfx4Q5i2K3zIQdKX33qJCfkTuZpnLc74zbtyjxO1tDOnJ2jxmxF8JUy"}],"group":"cf-nel","max_age":604800}
response
200
expires
Fri, 16 May 2025 04:20:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=42&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol
content-type
image/gif
last-modified
Wed, 16 Apr 2025 04:02:45 GMT
x-ezoic-cdn
Miss
display
staticcontent_sol
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=15552000
pragma
public
cf-ray
931c56c5dead0496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
b0a78932e015ebaaead789dc4ba4762e
secure.gravatar.com/avatar/ 		808 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/b0a78932e015ebaaead789dc4ba4762e?s=16&d=mm&r=g
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b7ab295287dbc061018951841d36dfafb57c17928383023d04c512f815dcd0ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

link
<https://gravatar.com/avatar/b0a78932e015ebaaead789dc4ba4762e?s=16&d=mm&r=g>; rel="canonical"
cache-control
max-age=300
x-nc
HIT lhr 2
expires
Thu, 17 Apr 2025 13:46:15 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
808
date
Thu, 17 Apr 2025 13:41:15 GMT
content-type
image/png
last-modified
Tue, 18 Mar 2025 10:04:18 GMT
server
nginx
content-disposition
inline; filename="b0a78932e015ebaaead789dc4ba4762e.png"
b0a78932e015ebaaead789dc4ba4762e
secure.gravatar.com/avatar/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/b0a78932e015ebaaead789dc4ba4762e?s=150&d=mm&r=g
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dd69529db7e9757556f356c46c125b2ef1ee7ca423a17814ed48658276799538

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

link
<https://gravatar.com/avatar/b0a78932e015ebaaead789dc4ba4762e?s=150&d=mm&r=g>; rel="canonical"
cache-control
max-age=300
x-nc
HIT lhr 2
expires
Thu, 17 Apr 2025 13:46:15 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
51657
date
Thu, 17 Apr 2025 13:41:15 GMT
content-type
image/png
last-modified
Tue, 18 Mar 2025 10:04:18 GMT
server
nginx
content-disposition
inline; filename="b0a78932e015ebaaead789dc4ba4762e.png"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0
default-yellow.png
cdn.buymeacoffee.com/buttons/v2/ 		0
0
client
accounts.google.com/gsi/ 		0
0
style.css
cdn-0.securityonline.info/wp-content/plugins/wp-auto-affiliate-links/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-auto-affiliate-links/css/style.css?ver=6.7.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62beed72ff9c49f23ea945452acf5d6609d448ac5edb6119380dda7597c1e070

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67fc6fa4-c78"
age
290474
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rr%2BpTnHr2nEXXrPfeL2ki0KAEuPJsjxyE512Z0IZ5GIvd7Du9Kb3IdBDglWSUujcK7TUWhzjTX0%2BRRYg40Yq81T9X4sorZbqxkYBOY598CvmoTnxV40yxKZWpll%2FhK72cocwV%2F%2FFSb0IxLht"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=139&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Mon, 14 Apr 2025 02:15:00 GMT
x-ezoic-cdn
Hit d2;mm;7a151a8361ff2af23c778b50a99e2cb9;2-124533-241;c9Ta2p17PKMvhd30LM2Z4
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c67ec00496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
google_cse_v2.js
cdn-0.securityonline.info/wp-content/plugins/wp-google-search/assets/js/ 		468 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-google-search/assets/js/google_cse_v2.js?ver=1
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fae2dc10eaa5b7644e8f58c84f7fa0641b6a12b0bea27684105675f6bc45895e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62eaa675-1d4"
age
292146
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3OSCANMcjPXbFRT25eFs%2FVfIMf8az0WlB2T%2FdEYqolnF1r5HfyO2%2BVzDVHpSfeFrZCVW7xW01Yg0VqpIkGpxqDRc9epoIZQmRxlUfp1DA68h9cok4XELHDfnfO0T%2F%2FB3alZuYfV3yg9acmX"}],"group":"cf-nel","max_age":604800}
response
200
expires
Wed, 14 May 2025 04:32:09 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=164&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Wed, 03 Aug 2022 16:46:45 GMT
x-ezoic-cdn
Miss
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
931c56c6aec10496-CDG
accept-ranges
bytes
content-length
310
x-origin-cache-control
max-age=2592000
server
cloudflare
kk-star-ratings.min.js
cdn-0.securityonline.info/wp-content/plugins/kk-star-ratings/src/core/public/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.4.10.2
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67a5ab7e-54f"
age
292146
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qYavAqg9vOnRuHL3qLKRXyfNvrNOtLW0xMD%2B3ssMQkFsMDDiPS1cVWUUQBeNoiqUjb1d6qcVU1ldi%2BDB7gBMxk5xm7jhq9oOmRAtPBWSGF%2BQ44IUMQuVO0gk9VbbbllIcjIFxrCCCA0YMEe1"}],"group":"cf-nel","max_age":604800}
response
200
expires
Wed, 14 May 2025 04:32:09 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=171&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Fri, 07 Feb 2025 06:43:10 GMT
x-ezoic-cdn
Miss
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
931c56c6aec20496-CDG
accept-ranges
bytes
content-length
740
x-origin-cache-control
max-age=2592000
server
cloudflare
hooks.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"673bdd27-12a8"
age
292146
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IfEgvmStG9TFeWCUBWnR%2Bau252O1JLjoSLPj5HN3DocDO2%2FbdjVODX4dLWJmQvk63o%2B3mnBYGUDx38mps8t4IiEeHdauSOP9DzOBPRy6Qp0v9tS%2BqQg99c3D7ICfkpVsj2V4cDfFWLL60mZY"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=164&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 00:34:47 GMT
x-ezoic-cdn
Hit d2;mm;1e9270f62edaff0a2e31d9e0c563c419;2-124533-241;pLgd_pVIkBtueIPl_gOoE
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c6aec30496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
i18n.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
react.min.js
cdn-0.securityonline.info/wp-includes/js/dist/vendor/ 		0
0
react-jsx-runtime.min.js
cdn-0.securityonline.info/wp-includes/js/dist/vendor/ 		900 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-includes/js/dist/vendor/react-jsx-runtime.min.js?ver=18.3.1
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dad3bd7baeed9c2acf8ba5a791b37809cac2c5c0f14ffad1e7768dd93d71463

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f2918a-384"
age
292146
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F3LdW%2BU9YLwJKo%2FI%2FXDidrjQBFveGvlm%2BHKSYT59AJfX412ft1eOdF5%2FfeNMlu0zmLjIf0Bwz9EjOu%2FS5B0GYuSvEV5bUWpPDw6UY3eyZsv5MSvAPS6nIRdQ9muspJeH09RXjrknsgTJBWc0"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=169&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 10:16:42 GMT
x-ezoic-cdn
Hit d2;mm;af0e12fa545e9f1ff7f425f421d6157d;2-124533-241;FHFmeW8JwrebvOjlkgsdw
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
931c56c6bec60496-CDG
accept-ranges
bytes
content-length
561
x-origin-cache-control
max-age=2592000
server
cloudflare
autop.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
wp-polyfill.min.js
cdn-0.securityonline.info/wp-includes/js/dist/vendor/ 		0
0
blob.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
block-serialization-default-parser.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-includes/js/dist/block-serialization-default-parser.min.js?ver=14d44daebf663d05d330
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85329539fa153cff27a8d4326a6c92e52503b914a5e1d81232a14a0264a1e9f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6613bd0c-960"
age
292145
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wXmcTUVjlxWjJeraSOcX29XxLeFYezH70M9Gn4ASEMgetQbovCFf7rmRmygK0xx7b219kxGsz1HXMGWidKngv3cVSSkfIGPmjvMkuIPaeSf7B43w%2F4BedZuKGKEwDTnooPFJs6PqZ5VmMJP7"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=171&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Mon, 08 Apr 2024 09:46:52 GMT
x-ezoic-cdn
Hit d2;mm;4bf6781943bc336a2994c4f8964b293a;2-124533-241;o5SjjmpLGI5IAV9JWv-Ao
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c6beca0496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
deprecated.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		684 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-includes/js/dist/deprecated.min.js?ver=e1f84915c5e8ae38964c
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b80d4052c055fb0ec0f2f32f2336b7b6010c18c8443f503182a982bc129f77c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6613bd0c-2ac"
age
292145
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4L9nI%2FTcvQ3AcvRW0%2BtRmz2fVo7wXhHa3AI3twRJywAIVU1806lAV5nD5LPaPBxWBPXcbbyGXLw0kJ5O3ZTAMCvCUG17mTx5fcQEuetUnt2cfex0rubBplA4muaFoRwq1eIQgtOlGGrEjTeo"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=172&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Mon, 08 Apr 2024 09:46:52 GMT
x-ezoic-cdn
Hit d2;mm;7a20f39b7031c1ac1fbee124e23afee4;2-124533-241;wF3rcP3Z-x6Cr1VVd7_Ho
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
931c56c6becb0496-CDG
accept-ranges
bytes
content-length
458
x-origin-cache-control
max-age=2592000
server
cloudflare
dom.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
react-dom.min.js
cdn-0.securityonline.info/wp-includes/js/dist/vendor/ 		0
0
escape-html.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
element.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
is-shallow-equal.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		1018 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-includes/js/dist/is-shallow-equal.min.js?ver=e0f9f1d78d83f5196979
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8027a5c64c0fe5132f2119cd1bfb824f10b51bde7a942233e80c3c3db6f4aac6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6613bd0c-3fa"
age
292145
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E6Y544bgEK38ZBr7zZLyj%2Bs4VzOn6zWmmJYtUSYAZCROgFkep6jeR%2Bif79IJIv09MIC%2B6vmK3HlaTxQ%2FZrZRa0UPeRCDgC2It3Pr4HGT%2BP0vXIts%2BWLbNxcaWTZcXATLJimLq%2BmbW%2FlI6hGj"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=171&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Mon, 08 Apr 2024 09:46:52 GMT
x-ezoic-cdn
Hit d2;mm;d04277168b5640b9f301dd8af33bcc7c;2-124533-241;lhEWKMIcCGo_ZVYk3JHew
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
931c56c6bed00496-CDG
accept-ranges
bytes
content-length
525
x-origin-cache-control
max-age=2592000
server
cloudflare
keycodes.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
priority-queue.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
compose.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
private-apis.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-includes/js/dist/private-apis.min.js?ver=4b858962c15c2c7a135f
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0774825d40fd1c2b5b659cf6a436abf0dbf4ffadd985bd10ecca750dbaf7a116

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"673bdd27-af6"
age
292145
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXYhKvjJ5iZ4dMnlM1ZCWC8%2BSVo4Z6v%2BAOrRC8CGLwbM6Xc6nWwwlfqJ%2FeieDPFcwkcZxADo7tlsIDQBD1Sq5cCSifcv2EcO%2Femw5SygRnjPJ3nJ56bQMdM4HH09FZS1zPN8T%2BE%2FvCiTxLPc"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=172&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 00:34:47 GMT
x-ezoic-cdn
Hit d2;mm;705a1943a4a5ed8811720169775d11f4;2-124533-241;wXGfUoA4U9cxZSvwVbKNJ
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
x-sol
orig
cf-ray
931c56c6bed40496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
redux-routine.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
data.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
html-entities.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
dom-ready.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
a11y.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
rich-text.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
shortcode.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
warning.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
blocks.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
url.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
api-fetch.min.js
cdn-0.securityonline.info/wp-includes/js/dist/ 		0
0
awpa_frontend.build.js
cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/dist/ 		0
0
navigation.js
cdn-0.securityonline.info/wp-content/themes/morenews/js/ 		0
0
skip-link-focus-fix.js
cdn-0.securityonline.info/wp-content/themes/morenews/js/ 		0
0
slick.min.js
cdn-0.securityonline.info/wp-content/themes/morenews/assets/slick/js/ 		0
0
bootstrap.min.js
cdn-0.securityonline.info/wp-content/themes/morenews/assets/bootstrap/js/ 		0
0
jquery.sidr.min.js
cdn-0.securityonline.info/wp-content/themes/morenews/assets/sidr/js/ 		0
0
jquery.magnific-popup.min.js
cdn-0.securityonline.info/wp-content/themes/morenews/assets/magnific-popup/ 		0
0
jquery.matchHeight.min.js
cdn-0.securityonline.info/wp-content/themes/morenews/assets/jquery-match-height/ 		0
0
morenews_marque_scripts.build.js
cdn-0.securityonline.info/wp-content/themes/morenews/admin-dashboard/dist/ 		0
0
morenews_scripts.build.js
cdn-0.securityonline.info/wp-content/themes/morenews/admin-dashboard/dist/ 		0
0
comment-reply.min.js
cdn-0.securityonline.info/wp-includes/js/ 		0
0
single_post_star.build.js
cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/dist/ 		0
0
author_post_star.build.js
cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/dist/ 		0
0
swg-basic.js
news.google.com/swg/js/v1/ 		0
0
00b157af-41b8-47d0-9fab-1a657510f40c
https://securityonline.info/ 		0
0
boise.js
www.ezojs.com/detroitchicago/ 		0
0
abilene.js
www.ezojs.com/parsonsmaize/ 		0
0
analytics
securityonline.info/ezais/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securityonline.info/ezais/analytics?cb=1
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c17e32cb9ce5ad3c96b5f168ecfaeee0a45c536f88173b7d72f17d942e3a7e08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/

Response headers

x-robots-tag
noindex
access-control-max-age
1728000
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://securityonline.info
date
Thu, 17 Apr 2025 13:41:15 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,700|Open+Sans:400,700&subset=latin&display=swap
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
49e967358d283778213b57a79bda101f744420ffde08f2ca4446431afe9eb832
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 17 Apr 2025 13:41:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Apr 2025 13:41:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 17 Apr 2025 12:34:58 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		0
0
pub-4215883460048988
fundingchoicesmessages.google.com/b/ 		0
0
inactive.svg
cdn-0.securityonline.info/wp-content/plugins/kk-star-ratings/src/core/public/svg/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/kk-star-ratings/src/core/public/svg/inactive.svg
Requested by
Host: cdn-0.securityonline.info
URL: https://cdn-0.securityonline.info/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.10.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://cdn-0.securityonline.info/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.10.2

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67a5ab7e-ee"
age
290473
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hrVvKclJZxcz7xyjBHCAuD2wRtqkNStIzwKclNkDLm1CuK4yj44%2FJMRaNSj%2FT%2BirmGJgN7ZKU2HGderIj0rgq%2BvBkNStKUN2g9SDbYWEadqksSI89zWzwDVgbK5L%2FRYRf0NS2Zm7n58Y6g5f"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=174&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol
content-type
image/svg+xml
last-modified
Fri, 07 Feb 2025 06:43:10 GMT
x-ezoic-cdn
Hit d2;mm;4a83b32bcfe0e0e83d6c7639f24126eb;2-124533-241;xyC31iVllNiSofsBAQqM8
display
staticcontent_sol
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=15552000
pragma
public
cf-ray
931c56c6beed0496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
active.svg
cdn-0.securityonline.info/wp-content/plugins/kk-star-ratings/src/core/public/svg/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/kk-star-ratings/src/core/public/svg/active.svg
Requested by
Host: cdn-0.securityonline.info
URL: https://cdn-0.securityonline.info/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.10.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://cdn-0.securityonline.info/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.10.2

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67a5ab7e-f6"
age
290473
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mz%2BZbBF6ZqgyySFvO%2BxUPY2cOvPYaST83IV8YPW%2Bp84hO8XbsFRvU8mFarDAgEY%2BPJAOaqfvGgB%2Bb%2BD8V1q9B5%2Bo1rzWO502V0FH03tizHi%2FvXqSxERfF8GIMd0t550OmiMSzIQTj3uh7fQz"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14294&min_rtt=14134&rtt_var=2398&sent=15&recv=30&lost=0&retrans=0&sent_bytes=3874&recv_bytes=10253&delivery_rate=40323&cwnd=12000&unsent_bytes=0&cid=cf62c0794d100660&ts=175&x=16"
date
Thu, 17 Apr 2025 13:41:15 GMT
x-middleton-display
staticcontent_sol
content-type
image/svg+xml
last-modified
Fri, 07 Feb 2025 06:43:10 GMT
x-ezoic-cdn
Hit d2;mm;ffda53b3715143404ac085d9de74a435;2-124533-241;YvEYUoXnAnKXbjPpSrwFY
display
staticcontent_sol
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=15552000
pragma
public
cf-ray
931c56c6beef0496-CDG
x-origin-cache-control
max-age=2592000
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		0
0
aft-icons.ttf
cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/fonts/ 		0
0
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v53/ 		0
0
fa-regular-400.woff2
cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/fontawesome/webfonts/ 		0
0
icomoon.ttf
cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/css/fonts/ 		0
0
scam-3933004_640.jpg
cdn-0.securityonline.info/wp-content/uploads/2024/08/ 		0
0
preinstall-hook-768x1019.jpeg
cdn-0.securityonline.info/wp-content/uploads/2025/04/ 		0
0
et.js
www.ezojs.com/porpoiseant/ 		0
0
drake.js
www.ezojs.com/beardeddragon/ 		0
0
jellyfish.js
www.ezojs.com/porpoiseant/ 		0
0
aft-icons.woff
cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/fonts/ 		19 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/fonts/aft-icons.woff?e3nek0
Requested by
Host: cdn-0.securityonline.info
URL: https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/style.css?ver=6.7.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf00b5be3a1a66e52613c9d2c3a2960e092c08391569b15b35f0b9617ef7e6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://securityonline.info
Referer
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/style.css?ver=6.7.2

Response headers

access-control-max-age
1728000
content-encoding
gzip
cf-cache-status
HIT
etag
"67f892cf-4b94"
age
86322
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=loI964MD3MvF6AsbTji41uWd%2FVLrAu9zZSpeB1YNu92tmh9yk0uk0vdlhj%2FGm5u0%2BB9T7eLMEs1Hqk3QNdUo7RtbuoRTJHWDRR7Kcy93H1gOrw592v426smITLhbhhe5Viri6IsQzE%2BIVJPF"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS
response
200
expires
Fri, 16 May 2025 13:43:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17831&min_rtt=16023&rtt_var=5446&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3777&recv_bytes=4094&delivery_rate=28241&cwnd=12000&unsent_bytes=0&cid=33cda56ca8004739&ts=29860&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
staticcontent_sol
content-type
application/font-woff
last-modified
Fri, 11 Apr 2025 03:55:59 GMT
vary
Accept-Encoding,User-Agent,Origin
display
staticcontent_sol
x-ezoic-cdn
Miss
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
cf-ray
931c57815fb4ebb1-CDG
access-control-allow-origin
https://securityonline.info
x-origin-cache-control
max-age=2592000
server
cloudflare
icomoon.woff
cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/css/fonts/ 		4 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/css/fonts/icomoon.woff?5l53jq
Requested by
Host: cdn-0.securityonline.info
URL: https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/css/awpa-frontend-style.css?ver=3.6.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002e4a06d56fc2e2cb7ddcf21645623ae5bf84f57ea59425359d5c2b97dfebbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://securityonline.info
Referer
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/css/awpa-frontend-style.css?ver=3.6.2

Response headers

access-control-max-age
1728000
content-encoding
gzip
cf-cache-status
HIT
etag
"67fc6fc3-1084"
age
268071
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLjjECrjN1fJBNFFKYbBN4tElaRtWrrRgDxvYnBsKRH6Krrwugoc%2FQxJFcRLe5kDklIB0pIWO4ig94P7FYnOmvNNATlH35OVMsX92tcqpyVjYr0PXDCYJh2YQMnRp%2BoD3JtaaYFxK7RmDwnt"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17831&min_rtt=16023&rtt_var=5446&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3777&recv_bytes=4094&delivery_rate=28241&cwnd=12000&unsent_bytes=0&cid=33cda56ca8004739&ts=29864&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
staticcontent_sol
content-type
application/font-woff
last-modified
Mon, 14 Apr 2025 02:15:31 GMT
x-ezoic-cdn
Hit d2;mm;6b57c1d691325f20230d59d197444ec6;2-124533-241;0mxqSGyF3nxFMhFBrZy9M
display
staticcontent_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
cf-ray
931c57815fb6ebb1-CDG
access-control-allow-origin
https://securityonline.info
x-origin-cache-control
max-age=2592000
server
cloudflare
fa-regular-400.ttf
cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/fontawesome/webfonts/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/fontawesome/webfonts/fa-regular-400.ttf
Requested by
Host: cdn-0.securityonline.info
URL: https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/fontawesome/css/all.css?ver=3.6.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d81a1a7cc07e1ab196e40496d3f4359e9759f79d8ec883a46675ee69912950b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://securityonline.info
Referer
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/fontawesome/css/all.css?ver=3.6.2

Response headers

access-control-max-age
1728000
cf-cache-status
HIT
etag
"67fc6fc3-f774"
age
86323
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3ea5kBZBdk4yPNCSsVB39PP%2FqezOV6zImkXPeYr9Y38W6hex3nBBUCOkmmYBvo9M8mOWR%2F6R3QUkAolFXZTBgawyIb9tkO%2FUCikbi%2F9YlAkqztebAUhHVcjcK%2B9lSy2pPxGK1jSOs7kQ64x"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17831&min_rtt=16023&rtt_var=5446&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3777&recv_bytes=4094&delivery_rate=28241&cwnd=12000&unsent_bytes=0&cid=33cda56ca8004739&ts=29870&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
staticcontent_sol
content-type
application/octet-stream
last-modified
Mon, 14 Apr 2025 02:15:31 GMT
x-ezoic-cdn
Hit d2;ms;e049f2ed1b45b152afca388743ddfa5e;2-124533-241;saK-MtkUoKWaN6S3GIhG0
display
staticcontent_sol
vary
Accept-Encoding,User-Agent,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2592000
pragma
public
cf-ray
931c57815fb5ebb1-CDG
access-control-allow-origin
https://securityonline.info
x-origin-cache-control
max-age=2592000
server
cloudflare
ezqlog
g.ezoic.net/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/ezqlog?d=%7B%22url%22%3A%22https%3A%2F%2Fsecurityonline.info%2Fmalicious-npm-packages-target-paypal-users-to-steal-sensitive-data%2F%22%2C%22name%22%3A%22%2Fporpoiseant%2Fjellyfish.js%22%2C%22path%22%3A%22%2Fporpoiseant%2Fjellyfish.js%3Fa%3Da%26cb%3D17%26dcb%3D195-3%26shcb%3D34%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F135.0.0.0%20Safari%2F537.36%22%2C%22pageview_id%22%3A%229ee7e7f6-feaa-423f-43c9-82b57f0580a0%22%7D
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://securityonline.info
content-length
0
date
Thu, 17 Apr 2025 13:41:45 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
ezqlog
g.ezoic.net/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/ezqlog?d=%7B%22url%22%3A%22https%3A%2F%2Fsecurityonline.info%2Fmalicious-npm-packages-target-paypal-users-to-steal-sensitive-data%2F%22%2C%22name%22%3A%22%2Fporpoiseant%2Fet.js%22%2C%22path%22%3A%22%2Fporpoiseant%2Fet.js%3Fgcb%3D195-3%26cb%3D3%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F135.0.0.0%20Safari%2F537.36%22%2C%22pageview_id%22%3A%229ee7e7f6-feaa-423f-43c9-82b57f0580a0%22%7D
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://securityonline.info
content-length
0
date
Thu, 17 Apr 2025 13:41:45 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
pub-4215883460048988
fundingchoicesmessages.google.com/b/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-4215883460048988
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
472ab5dc610bafd0db0959b7f43e8ff8e8c648634a8592912665f4c26890f414
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bbiP5zVR17kHjNX9oRD0uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Apr 2025 13:41:45 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj8tDikmJw0pBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYhj026ypgJx796brDeO3GQV4uGY2dVygE3gRt_7PmYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjUwMTQ1M9A4P4AgMAdTMzdg"
content-security-policy
script-src 'report-sample' 'nonce-bbiP5zVR17kHjNX9oRD0uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
ezqlog
g.ezoic.net/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/ezqlog?d=%7B%22url%22%3A%22https%3A%2F%2Fsecurityonline.info%2Fmalicious-npm-packages-target-paypal-users-to-steal-sensitive-data%2F%22%2C%22name%22%3A%22%2Fparsonsmaize%2Fabilene.js%22%2C%22path%22%3A%22%2Fparsonsmaize%2Fabilene.js%3Fgcb%3D195-3%26cb%3Ddc112bb7ea%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F135.0.0.0%20Safari%2F537.36%22%2C%22pageview_id%22%3A%229ee7e7f6-feaa-423f-43c9-82b57f0580a0%22%7D
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://securityonline.info
content-length
0
date
Thu, 17 Apr 2025 13:41:45 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
mulvane.js
www.ezojs.com/parsonsmaize/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/parsonsmaize/mulvane.js?gcb=195-3&cb=e75e48eec0
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9b41253384e2818bd0f76171d6ffd723d4c85c5e1a69da74f174489cb52a40ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
2462071
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8h%2F9tMSUYV882MKe%2FcVZQpvBW74IMLR1vmht09Q%2BGCNDZfUYU3wABWVpnFSoXTr5ZcT8wyZKl8nPli%2FHw2gWgRXoO%2BlztQCFyvuQ3TmoZOuZgMtNrZYPxGwgfgoKMAVp"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14987&min_rtt=14577&rtt_var=6286&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3678&recv_bytes=3347&delivery_rate=198709&cwnd=12000&unsent_bytes=0&cid=1cff003cd497cbee&ts=29901&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 20 Mar 2025 01:47:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000, public
cf-ray
931c57815dbf0479-CDG
server
cloudflare
birmingham.js
www.ezojs.com/detroitchicago/ 		752 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/detroitchicago/birmingham.js?gcb=195-3&cb=539c47377c
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
30be558393bd8b0585c806a6eaed6d6f5b51d1ca63c0113061dfe35eaa128ce3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
460625
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0WwhSgrjQJwkrkDpMsF%2BXleh7wK3Et2oCE5AjY1UthS%2BM06L8iBE8YvOrXBRld%2B9JBsm8PGRMJL7t3dhXmOEXjTTmftpGnQo%2BLP9cRQm3f%2BkGF88xnWr8HQ9z9gnU2A4"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14987&min_rtt=14577&rtt_var=6286&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3678&recv_bytes=3347&delivery_rate=198709&cwnd=12000&unsent_bytes=0&cid=1cff003cd497cbee&ts=29869&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sat, 12 Apr 2025 05:44:40 GMT
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
931c57815dbd0479-CDG
accept-ranges
bytes
content-length
417
server
cloudflare
olathe.js
www.ezojs.com/parsonsmaize/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/parsonsmaize/olathe.js?gcb=195-3&cb=26
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3cefef7fc952707c97375ef3fa95a8c45a96eda7845d02bc1c28bf3570c0cfba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
2449240
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qnRNVml7Ts7Wzr8rdcNonsuw2I2orpUJq8CW%2FEvM0PAyx4olJidYDqbMZpN0HpFDLeg5SsewFtKlwDlsHC3McVwY6fTZUNNZPHmk%2Fe3pUPlLQOY%2BQPERvYtffknadYbU"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14987&min_rtt=14577&rtt_var=6286&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3678&recv_bytes=3347&delivery_rate=198709&cwnd=12000&unsent_bytes=0&cid=1cff003cd497cbee&ts=29866&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 20 Mar 2025 05:21:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000, public
cf-ray
931c57815dbe0479-CDG
server
cloudflare
reno.js
www.ezojs.com/detroitchicago/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/detroitchicago/reno.js?gcb=195-3&cb=3
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a285bc82f73dbd55244657449b4d9b2ecae8b2ea622d5558432bc818bb847df2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
2434107
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Htd%2BWVxMOP5UQLMePX%2FRE6j9ZGBmtIDfUM6haZbZX8vzeeRvH0xSQFJfhTNcIOjLYNbmr8MQMn0JnWid6YHQcV7m9YBpZhI8ffdgtcTIarsuU%2BGd2iqYbSz7f0C1LJjJ"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14987&min_rtt=14577&rtt_var=6286&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3678&recv_bytes=3347&delivery_rate=198709&cwnd=12000&unsent_bytes=0&cid=1cff003cd497cbee&ts=29869&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 20 Mar 2025 09:33:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000, public
cf-ray
931c57815dc40479-CDG
server
cloudflare
overlandpark.js
www.ezojs.com/detroitchicago/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/detroitchicago/overlandpark.js?gcb=195-3&cb=301bbdaf04
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8b3a000db28359e0512e1484988806b9cdaeb457e29ef6b82bfe097e6eed3231

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
464991
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rDQmUdOVfXUVTMK5Q5wWZrN%2BNEL6xwjezUrmyLVKGw1tNVxl1bjB5UhO%2BH4javURwuDBWGxhF54%2BnOx4Csq23EtLI5%2FxP4agpE4%2Fef0n2Z2kL1p6v5GQaWQT%2BloSwVW%2B"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14987&min_rtt=14577&rtt_var=6286&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3678&recv_bytes=3347&delivery_rate=198709&cwnd=12000&unsent_bytes=0&cid=1cff003cd497cbee&ts=29905&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sat, 12 Apr 2025 04:31:54 GMT
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
931c57815dc00479-CDG
accept-ranges
bytes
content-length
529
server
cloudflare
wichita.js
www.ezojs.com/detroitchicago/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/detroitchicago/wichita.js?gcb=195-3&cb=9f9286e31b
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
53731718ab10d0a5e783bd3eaef381aa420a233d429903bcde616619e25d330b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
2430337
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nOI8cdLeN%2BslUfaQYKOsgWDIep0Em0ay03QgbHK8keYFAaUKSryfwBQGJ3MuNTe2zk1QhvBRLMQtknuC44DaubdjA9D889ENJk18NqYtsQaAUBl5%2FOaeseXD0g91ZoN"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14987&min_rtt=14577&rtt_var=6286&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3678&recv_bytes=3347&delivery_rate=198709&cwnd=12000&unsent_bytes=0&cid=1cff003cd497cbee&ts=29907&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 20 Mar 2025 10:36:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000, public
cf-ray
931c57815dc10479-CDG
server
cloudflare
raleigh.js
www.ezojs.com/detroitchicago/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/detroitchicago/raleigh.js?gcb=195-3&cb=8
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
dcfeafb915fb5e0eaf4cce1e3abf6eeace381b5926e07261cbceffc30fa4e699

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
1911309
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAtl3NV7Ey4zmxyCD8eXhtTWmyoOEBR78xjOJkzxgQk%2FicVNpv2QRBnOYQ8H8Xmix7DRXwe7uqmbtwTAOmci%2BE7dxQd%2FONOnTBGC3mVzUjs2sYxdzRtG5TJrOpPPWcr3"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14987&min_rtt=14577&rtt_var=6286&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3678&recv_bytes=3347&delivery_rate=198709&cwnd=12000&unsent_bytes=0&cid=1cff003cd497cbee&ts=29910&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 26 Mar 2025 10:46:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000, public
cf-ray
931c57815dc20479-CDG
server
cloudflare
vista.js
www.ezojs.com/detroitchicago/ 		705 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/detroitchicago/vista.js?gcb=195-3&cb=296945a885
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb45214f548d4da3ec07c07d9f6f92f2fbff7d1ccefee55631d31729cf02a30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
464930
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CMz9jNEtNx5lLJpeau3u1DDLxEcbWUIWkFra6WDH3DcQyWxz6dhOBUuLhJ9tbClPTr8k05KjvMTth30xPliUrU4qQ57Om70VyISQgtaJz39usct8KBlZ0ReOgm%2F7XEcc"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14987&min_rtt=14577&rtt_var=6286&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3678&recv_bytes=3347&delivery_rate=198709&cwnd=12000&unsent_bytes=0&cid=1cff003cd497cbee&ts=29866&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sat, 12 Apr 2025 04:32:55 GMT
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
931c57815dc30479-CDG
accept-ranges
bytes
content-length
411
server
cloudflare
ezqlog
g.ezoic.net/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/ezqlog?d=%7B%22url%22%3A%22https%3A%2F%2Fsecurityonline.info%2Fmalicious-npm-packages-target-paypal-users-to-steal-sensitive-data%2F%22%2C%22name%22%3A%22%2Fbeardeddragon%2Fdrake.js%22%2C%22path%22%3A%22%2Fbeardeddragon%2Fdrake.js%3Fgcb%3D3%26cb%3D1b0a0a9dcc%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F135.0.0.0%20Safari%2F537.36%22%2C%22pageview_id%22%3A%229ee7e7f6-feaa-423f-43c9-82b57f0580a0%22%7D
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://securityonline.info
content-length
0
date
Thu, 17 Apr 2025 13:41:45 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
ezqlog
g.ezoic.net/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/ezqlog?d=%7B%22url%22%3A%22https%3A%2F%2Fsecurityonline.info%2Fmalicious-npm-packages-target-paypal-users-to-steal-sensitive-data%2F%22%2C%22name%22%3A%22%2Fdetroitchicago%2Fboise.js%22%2C%22path%22%3A%22%2Fdetroitchicago%2Fboise.js%3Fgcb%3D195-3%26cb%3D5%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F135.0.0.0%20Safari%2F537.36%22%2C%22pageview_id%22%3A%229ee7e7f6-feaa-423f-43c9-82b57f0580a0%22%7D
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://securityonline.info
content-length
0
date
Thu, 17 Apr 2025 13:41:45 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
AGSKWxVG9ybNyCvnqaJzFpRZObWdlWXJJI8bXoOIZ3SQl8Nu4E4S-yv-lr9sXjrujBeIxi1N0Q7hnYYl5hig-U2c9-4mTA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVG9ybNyCvnqaJzFpRZObWdlWXJJI8bXoOIZ3SQl8Nu4E4S-yv-lr9sXjrujBeIxi1N0Q7hnYYl5hig-U2c9-4mTA==
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QODhb4inXdeSDs1SF5YmWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Apr 2025 13:41:45 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw15Bi-FB_mfUHEAvxcMzsajnAJrBhWuMqZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkamBiaKpnYB5fYAAALtojxw"
content-security-policy
script-src 'report-sample' 'nonce-QODhb4inXdeSDs1SF5YmWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://securityonline.info
content-length
0
x-xss-protection
0
server
ESF
vitals.js
www.ezojs.com/tardisrocinante/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/tardisrocinante/vitals.js?gcb=3&cb=5
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6fca1361d81b8d8d05afbe947e257aef026891372b45e0d2de123a907a4ed1af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
458518
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KInY6Gl52MyUvc5H1i2rq1xg60HconJGBLN3bW0GFsQj9yUf2lWAw8hMHYosb%2BuvJOh9n9UMvoEvsxWtEpQqhB5OoQutJi8KgZt0k3dF1uht9uYCSSowjspIAJ8yFFF4"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14987&min_rtt=14577&rtt_var=6286&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3678&recv_bytes=3347&delivery_rate=198709&cwnd=12000&unsent_bytes=0&cid=1cff003cd497cbee&ts=29928&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sat, 12 Apr 2025 06:19:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000, public
cf-ray
931c5781cdc70479-CDG
server
cloudflare
chanute.js
www.ezojs.com/parsonsmaize/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/parsonsmaize/chanute.js?a=a&cb=16&dcb=195-3&shcb=34
Requested by
Host: securityonline.info
URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
45fd2ba3960eed5c593360163563e703c8c333d4be5736119d53b84d666783ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
206881
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XmuI%2BuvnV2DXb1xcaYWM4TTVvpWq0C5p1oY7dxkbbk7k9WErZZUe3Tm9QqoZFsXPt%2BNhAP9aolLt8nfLlLuHnSt5gW5DMZD6Ki7c6vSOfJvp89TD%2FGCp2djOxmvGwoak"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14987&min_rtt=14577&rtt_var=6286&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3678&recv_bytes=3347&delivery_rate=198709&cwnd=12000&unsent_bytes=0&cid=1cff003cd497cbee&ts=29930&x=16"
date
Thu, 17 Apr 2025 13:41:45 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 15 Apr 2025 04:13:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000, public
cf-ray
931c5781cdc80479-CDG
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-MVCLJGE8T6
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Domain
static.addtoany.com
URL
https://static.addtoany.com/menu/page.js
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/i/pub-4215883460048988?ers=1
Domain
the.gatekeeperconsent.com
URL
https://the.gatekeeperconsent.com/v2/cmp.js?v=385
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4215883460048988
Domain
cdn.buymeacoffee.com
URL
https://cdn.buymeacoffee.com/buttons/v2/default-yellow.png
Domain
accounts.google.com
URL
https://accounts.google.com/gsi/client
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/vendor/react.min.js?ver=18.3.1.1
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/autop.min.js?ver=9fb50649848277dd318d
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/blob.min.js?ver=9113eed771d446f4a556
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/dom.min.js?ver=93117dfee2692b04b770
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/vendor/react-dom.min.js?ver=18.3.1.1
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/escape-html.min.js?ver=6561a406d2d232a6fbd2
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/element.min.js?ver=cb762d190aebbec25b27
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/keycodes.min.js?ver=034ff647a54b018581d3
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/priority-queue.min.js?ver=9c21c957c7e50ffdbf48
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/compose.min.js?ver=d52df0f868e03c1bd905
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/redux-routine.min.js?ver=a0a172871afaeb261566
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/data.min.js?ver=7c62e39de0308c73d50c
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/html-entities.min.js?ver=2cd3358363e0675638fb
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/dom-ready.min.js?ver=f77871ff7694fffea381
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/a11y.min.js?ver=3156534cc54473497e14
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/rich-text.min.js?ver=4021b9e4e9ef4d3cd868
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/shortcode.min.js?ver=b7747eee0efafd2f0c3b
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/warning.min.js?ver=ed7c8b0940914f4fe44b
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/blocks.min.js?ver=8474af4b6260126fa879
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/url.min.js?ver=e87eb76272a3a08402d2
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/dist/api-fetch.min.js?ver=d387b816bc1ed2042e28
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/dist/awpa_frontend.build.js?ver=3.6.2
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/js/navigation.js?ver=1.0.35
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/js/skip-link-focus-fix.js?ver=1.0.35
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/slick/js/slick.min.js?ver=1.0.35
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/bootstrap/js/bootstrap.min.js?ver=1.0.35
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/sidr/js/jquery.sidr.min.js?ver=1.0.35
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/magnific-popup/jquery.magnific-popup.min.js?ver=1.0.35
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/jquery-match-height/jquery.matchHeight.min.js?ver=1.0.35
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/admin-dashboard/dist/morenews_marque_scripts.build.js?ver=1.0.35
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/admin-dashboard/dist/morenews_scripts.build.js?ver=1.0.35
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-includes/js/comment-reply.min.js?ver=6.7.2
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/dist/single_post_star.build.js?ver=3.6.2
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/dist/author_post_star.build.js?ver=3.6.2
Domain
news.google.com
URL
https://news.google.com/swg/js/v1/swg-basic.js
Domain
securityonline.info
URL
blob:https://securityonline.info/00b157af-41b8-47d0-9fab-1a657510f40c
Domain
www.ezojs.com
URL
https://www.ezojs.com/detroitchicago/boise.js?gcb=195-3&cb=5
Domain
www.ezojs.com
URL
https://www.ezojs.com/parsonsmaize/abilene.js?gcb=195-3&cb=dc112bb7ea
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-KPB7RQ7
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/b/pub-4215883460048988
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/fonts/aft-icons.ttf?e3nek0
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/fontawesome/webfonts/fa-regular-400.woff2
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-post-author/assets/css/fonts/icomoon.ttf?5l53jq
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/uploads/2024/08/scam-3933004_640.jpg
Domain
cdn-0.securityonline.info
URL
https://cdn-0.securityonline.info/wp-content/uploads/2025/04/preinstall-hook-768x1019.jpeg
Domain
www.ezojs.com
URL
https://www.ezojs.com/porpoiseant/et.js?gcb=195-3&cb=3
Domain
www.ezojs.com
URL
https://www.ezojs.com/beardeddragon/drake.js?gcb=3&cb=1b0a0a9dcc
Domain
www.ezojs.com
URL
https://www.ezojs.com/porpoiseant/jellyfish.js?a=a&cb=17&dcb=195-3&shcb=34

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| __setCMPv2RequestData number| gtagLoadBackoff function| gtagLoadedCheck object| _CMPv2RequestData function| __tcfapi object| __ezHttpConsent object| ezTcfConsent function| getEzConsentData function| _setEzCookies function| addEzCookies object| ezCookieQueue object| _ezaq object| __ez boolean| ezDisableAds string| __ezScriptHost function| analyticsAddScript function| getCookiesWithPrefix function| productAnalytics boolean| ezAnalyticsStatic function| gtag object| dataLayer object| adsbygoogle object| _wpemojiSettings object| a2a_config function| jQuery object| aal_stats_ajax function| __h82AlnkH6D91__ string| ezoTemplate string| ezouid string| ezoFormfactor string| soc_app_id number| did string| ezdomain number| ezoicSearchable boolean| cmpIsOn number| ezCmpChangeLogId number| ezCmpCacheBusterId function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://cdn.buymeacoffee.com/buttons/v2/default-yellow.png
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other warning URL: https://securityonline.info/malicious-npm-packages-target-paypal-users-to-steal-sensitive-data/(Line 594)
Message:
A preload for 'https://fonts.googleapis.com/css?family=Oswald:400,700|Open+Sans:400,700&subset=latin&display=swap' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
cdn-0.securityonline.info
cdn.buymeacoffee.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g.ezoic.net
news.google.com
pagead2.googlesyndication.com
privacy.gatekeeperconsent.com
secure.gravatar.com
securityonline.info
static.addtoany.com
the.gatekeeperconsent.com
www.ezojs.com
www.googletagmanager.com
accounts.google.com
cdn-0.securityonline.info
cdn.buymeacoffee.com
fonts.gstatic.com
fundingchoicesmessages.google.com
news.google.com
pagead2.googlesyndication.com
securityonline.info
static.addtoany.com
the.gatekeeperconsent.com
www.ezojs.com
www.googletagmanager.com
142.250.184.202
142.250.185.238
172.67.134.242
172.67.170.144
172.67.199.186
2a00:1450:4001:80b::200a
2a00:1450:4001:813::200e
2a04:fa87:fffe::c000:4902
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
002e4a06d56fc2e2cb7ddcf21645623ae5bf84f57ea59425359d5c2b97dfebbb
06f80283c6f1c140fa52e72e8efa51bd9129f08c806e0f2d2d08c3add2de9c8b
0774825d40fd1c2b5b659cf6a436abf0dbf4ffadd985bd10ecca750dbaf7a116
0dad3bd7baeed9c2acf8ba5a791b37809cac2c5c0f14ffad1e7768dd93d71463
1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230
265d49b8ace56978d396dd031f6b88cc3239ffbbd7f0fc2253ce0e6f1ee99020
30be558393bd8b0585c806a6eaed6d6f5b51d1ca63c0113061dfe35eaa128ce3
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3cefef7fc952707c97375ef3fa95a8c45a96eda7845d02bc1c28bf3570c0cfba
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
45fd2ba3960eed5c593360163563e703c8c333d4be5736119d53b84d666783ef
472ab5dc610bafd0db0959b7f43e8ff8e8c648634a8592912665f4c26890f414
49e967358d283778213b57a79bda101f744420ffde08f2ca4446431afe9eb832
4cdd05aeb1a1aacb2b016e3dd6e617b6b4b948c17624749bcbcbdbf17d7de3aa
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53731718ab10d0a5e783bd3eaef381aa420a233d429903bcde616619e25d330b
5dcda053fdba8ee13ea18d6c732ea35ea412b90900f0fa8c0594d0763057c83a
62beed72ff9c49f23ea945452acf5d6609d448ac5edb6119380dda7597c1e070
671c8dfa1598c8cf4f3376ae302eb0488578d9ef2b496d3874b223a02558bbae
6fca1361d81b8d8d05afbe947e257aef026891372b45e0d2de123a907a4ed1af
71e8d2faa3c5225c0b00c72bc6a6cefabbb24d3a662fab738bef052117914c9a
742d679ba576278f333b0b1d0702f57ba04ee78ae121fc67e25aaa19e2c2141a
7d81a1a7cc07e1ab196e40496d3f4359e9759f79d8ec883a46675ee69912950b
8027a5c64c0fe5132f2119cd1bfb824f10b51bde7a942233e80c3c3db6f4aac6
85329539fa153cff27a8d4326a6c92e52503b914a5e1d81232a14a0264a1e9f7
8b3a000db28359e0512e1484988806b9cdaeb457e29ef6b82bfe097e6eed3231
91752443751aedc9683727a5dccfb20edf4b9b33a836495eeb5d7562a96df570
925beb768cc9209c0f4de784f15d6c1dde72232c5b457cb186fdea749d07eae8
9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3
9b41253384e2818bd0f76171d6ffd723d4c85c5e1a69da74f174489cb52a40ce
a03ff3c5e90f8a490583e6234244a83fe547ed8e37da298c9014b35f467f3cc4
a285bc82f73dbd55244657449b4d9b2ecae8b2ea622d5558432bc818bb847df2
a9c8b24e061fad8a69ab19708299952d79803d5065321138d273a6098d5ffabc
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256
b095b652e0f96d69436c32508f26f4f515fc9316c96fc500d20036a2d8a932cb
b7ab295287dbc061018951841d36dfafb57c17928383023d04c512f815dcd0ba
b80d4052c055fb0ec0f2f32f2336b7b6010c18c8443f503182a982bc129f77c1
bdb45214f548d4da3ec07c07d9f6f92f2fbff7d1ccefee55631d31729cf02a30
c17e32cb9ce5ad3c96b5f168ecfaeee0a45c536f88173b7d72f17d942e3a7e08
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbf00b5be3a1a66e52613c9d2c3a2960e092c08391569b15b35f0b9617ef7e6d
d5b24a2b4bea863b0386349e3a8f1d0fa2403a28db5bf4113686e30ba3c60e0b
dacfc90d0a9df9baf0f9059db213f281d6ec726aa772d2b39d82e4293bac1f63
dcfeafb915fb5e0eaf4cce1e3abf6eeace381b5926e07261cbceffc30fa4e699
dd69529db7e9757556f356c46c125b2ef1ee7ca423a17814ed48658276799538
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf968e400976b579ea9dcff5f0bc247a2b2371f9ce49c3b5829da4b7179f4f9
fae2dc10eaa5b7644e8f58c84f7fa0641b6a12b0bea27684105675f6bc45895e
fd6261240ed0f12a5cc73e1a74452182697f4b09560cdfbb3b2f17e0659a2f7f