securityonline.info
2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff  Public Scan

URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Submission: On January 16 via api from IN — Scanned from US

Summary

This website contacted 73 IPs in 6 countries across 50 domains to perform 314 HTTP transactions. The main IP is 2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is securityonline.info.
TLS certificate: Issued by E5 on December 13th 2024. Valid for: 3 months.
This is the only time securityonline.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
securityonline.info | E5 | 2024-12-13 - 2025-03-13 | 3 months
gatekeeperconsent.com | WE1 | 2024-12-17 - 2025-03-17 | 3 months
upload.video.google.com | WR2 | 2024-12-09 - 2025-03-03 | 3 months
*.g.doubleclick.net | WR2 | 2024-12-09 - 2025-03-03 | 3 months
ezodn.com | WE1 | 2024-12-15 - 2025-03-15 | 3 months
*.google-analytics.com | WR2 | 2024-12-09 - 2025-03-03 | 3 months
cdn-0.securityonline.info | WE1 | 2024-11-27 - 2025-02-25 | 3 months
www.humix.com | WE1 | 2025-01-11 - 2025-04-12 | 3 months
www.ezojs.com | WE1 | 2024-12-25 - 2025-03-25 | 3 months
sur.ly | WE1 | 2024-12-01 - 2025-03-01 | 3 months
*.gstatic.com | WR2 | 2024-12-09 - 2025-03-03 | 3 months
id5-sync.com | WE1 | 2024-11-28 - 2025-02-26 | 3 months
ezoic.net | E5 | 2025-01-11 - 2025-04-11 | 3 months
*.google.com | WR2 | 2024-12-09 - 2025-03-03 | 3 months
*.doubleclick.net | WR2 | 2024-12-09 - 2025-03-03 | 3 months
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-12-03 - 2025-03-03 | 3 months
sp.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2024-11-22 - 2025-05-21 | 6 months
id.hadron.ad.gt | WE1 | 2024-11-18 - 2025-02-16 | 3 months
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2024-02-06 - 2025-03-05 | a year
*.crwdcntrl.net | Amazon RSA 2048 M02 | 2024-09-07 - 2025-10-07 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2024-04-23 - 2025-05-25 | a year
c.amazon-adsystem.com | Amazon RSA 2048 M03 | 2024-11-19 - 2025-12-18 | a year
config.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2024-12-22 - 2026-01-21 | a year
secure.cdn.fastclick.net | DigiCert TLS RSA SHA256 2020 CA1 | 2024-08-07 - 2025-08-07 | a year
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2024-09-05 - 2025-09-30 | a year
hadronid.net | WE1 | 2024-11-22 - 2025-02-20 | 3 months
ad.cpe.dotomi.com | GlobalSign RSA OV SSL CA 2018 | 2024-06-17 - 2025-07-19 | a year
lexicon.33across.com | WR3 | 2024-12-29 - 2025-03-29 | 3 months
eu-1-id5-sync.com | R11 | 2024-11-11 - 2025-02-09 | 3 months
a.ad.gt | WE1 | 2024-12-03 - 2025-03-03 | 3 months
alt1-3ps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2024-12-06 - 2026-01-04 | a year
*.ezoic.com | Amazon ECDSA 256 M03 | 2024-10-22 - 2025-11-20 | a year
vjs.zencdn.net | GlobalSign Atlas R3 DV TLS CA 2024 Q4 | 2025-01-07 - 2026-02-08 | a year
video-meta.humix.com | WE1 | 2024-12-26 - 2025-03-26 | 3 months
assets.humix.com | WE1 | 2024-12-10 - 2025-03-10 | 3 months
streaming.humix.com | WE1 | 2024-12-26 - 2025-03-27 | 3 months
pa.openx.net | WR3 | 2025-01-09 - 2025-04-09 | 3 months
*.pubmatic.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-11-27 - 2025-11-30 | a year
*.onetag-sys.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-01-23 - 2025-01-29 | a year
*.yieldmo.com | Amazon RSA 2048 M03 | 2024-07-15 - 2025-08-14 | a year
*.openx.net | RapidSSL TLS RSA CA G1 | 2024-08-14 - 2025-08-18 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2025-04-03 | 8 months
p.ad.gt | WE1 | 2024-12-06 - 2025-03-06 | 3 months
ids.ad.gt | WE1 | 2025-01-12 - 2025-04-12 | 3 months
*.ad.gt | Amazon RSA 2048 M02 | 2024-03-10 - 2025-04-08 | a year
s.amazon-adsystem.com | Amazon RSA 2048 M01 | 2024-04-24 - 2025-04-17 | a year
pixels.ad.gt | WE1 | 2025-01-01 - 2025-04-01 | 3 months
seg.ad.gt | WE1 | 2025-01-01 - 2025-04-01 | 3 months
proton.ad.gt | WE1 | 2025-01-03 - 2025-04-03 | 3 months
analytics.rlcdn.com | Amazon RSA 2048 M02 | 2024-05-26 - 2025-06-24 | a year
quantserve.com | R11 | 2024-12-21 - 2025-03-21 | 3 months
*.webpushr.com | Sectigo RSA Domain Validation Secure Server CA | 2024-05-16 - 2025-05-17 | a year
static.addtoany.com | WE1 | 2025-01-02 - 2025-04-02 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-10-25 - 2025-01-23 | 3 months

This page contains 16 frames:

Primary Page: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Frame ID: 849E3E18E57A326C900D9033E74798BC
Requests: 295 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-MVCLJGE8T6&gacid=1798414781.1737005226&gtm=45je51d0v879576258za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&z=879334850
Frame ID: C76254BD6138F9F34C84E431F92E6F74
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.679.0_en.html
Frame ID: AE510D56EBBA5E7FB1DF550F553AC973
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AAC3DA1A2A063D69D2E332F9C1F02D9E
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 8F6EB0643EB7F14F23C657968A3CC226
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 0F1F59623799D7DE0DBAD6232E640B67
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/static/topicsapi.html?bidder=onetag
Frame ID: 3220D02E38DAD0EA18F273F9F374ED68
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.679.0_en.html
Frame ID: C183644616E32C9894D558B2F0C04F55
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EEF1EEFA2C4F242908FBB5AC3757CDC8
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_rx_n-acuityads_n-MediaNet_ox-db5_n-adYouLike_n-smaato_n-adman-v2_n-onetag_pm-db5_ym_sovrn_gg_n-adMediaV1_n-Beeswax_smrt_cnv_n-inmobi_n-sharethrough_rbd_ppt_n-baidu_an-db5_3lift&dcc=t
Frame ID: C2ECA4148C5300C06D832591FDBF5365
Requests: 1 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: 0163AB29DF233A43797160ED7C62690B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Frame ID: D64C5BB592DAF8C6CAC5D24A5B0CCBDA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AFEB19261D9C2B8A31AC0B70E917E557
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 96E1CBD506ECA96E70A64F08CC731CE9
Requests: 1 HTTP requests in this frame

Frame: https://ezoic-d.openx.net/w/1.0/pd
Frame ID: 8880DBB13A4D1B30E48B428FBAFB84CA
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 176CCF6B95ABA294F42278E16CF5E4AC
Requests: 1 HTTP requests in this frame

Page Title

DLL Side-Loading Strikes Again: Yokai Backdoor Bypasses Security

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 314
HTTPS: 92 %
IPv6: 45 %
Domains: 50
Subdomains: 94
IPs: 73
Countries: 6
Transfer: 3816 kB
Size: 12002 kB
Cookies: 279

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002MpnPqAAJ&gdpr=0&src=pbjs&ver=9.26.0&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002MpnPqAAJ&gdpr=0&src=pbjs&ver=9.26.0&coppa=0&b=1&tp=oeW5r14m2XBTlR3QjboN8eceOxBgsfbG3tMrb1Mz9%2Fg%3D
Request Chain 95
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/&tl=https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/&nf=0&rt=true&v=9.26.0&av=2.0&vg=epbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent= HTTP 302
  • https://c3.a-mo.net/b?uid=a53e35ea-33ef-45b6-a928-2e0326998fa9&sh=id.a-mx.com& HTTP 302
  • https://id.a-mx.com/set?oid=a53e35ea-33ef-45b6-a928-2e0326998fa9&uid=a53e35ea-33ef-45b6-a928-2e0326998fa9&
Request Chain 97
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityonline.info%2F&domain=securityonline.info&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=y6BY3Hx1WUlQRWJpMlpIRXRNNU9UWUYxNnc3OVMxNWxjMEw2eFZQejI2NGRmbitsb2pmcVVqV3h6Yy94b3paVkVGTzdYSDRPdWJNRzZVNW1TbmZHRXhnSHRqZ2RuQS93ckNnamR3MG5ra1hEUE41Wm9PaXV2ZGUyaXdFbmxUVzNhaUFIaXNNWjludkJINERPWEpCdytwZCtWTFdFZTk1NkNvRWZvN0NNOHJidWNEZ1VFMGgybnVrcXY2cGZURk1pcXdpMmZqaDdIUFIvR2p6eTVxZHplRjJFd0liV0doN0xYMDRBcUtDTXJYcFgrK3g5cExjZ29OcS9Yc1Mxc3A0QmE1MUJwWGh6d2xyQmRSSlpMcm9vZUVDeVpGQT09fA&cppv=2
Request Chain 225
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001737005227-M0HHJ8S7-VNRK&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001737005227-M0HHJ8S7-VNRK%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001737005227-M0HHJ8S7-VNRK&adnxs_id=7598602906354632452&gdpr=0
Request Chain 226
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001737005227-M0HHJ8S7-VNRK%26auid%3DAU1D-0100-001737005227-M0HHJ8S7-VNRK HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001737005227-M0HHJ8S7-VNRK%26auid%3DAU1D-0100-001737005227-M0HHJ8S7-VNRK HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=6c26ca9c-82e1-42ea-ba1c-38b86afaba9a&id=AU1D-0100-001737005227-M0HHJ8S7-VNRK&auid=AU1D-0100-001737005227-M0HHJ8S7-VNRK
Request Chain 227
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001737005227-M0HHJ8S7-VNRK HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=1A89B63C-D324-4FB0-8B84-097486FF6AB8&id=AU1D-0100-001737005227-M0HHJ8S7-VNRK
Request Chain 229
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001737005227-M0HHJ8S7-VNRK&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=93be9921-3803-49b8-adb8-c78725624e3e&id=AU1D-0100-001737005227-M0HHJ8S7-VNRK
Request Chain 230
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001737005227-M0HHJ8S7-VNRK&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001737005227-M0HHJ8S7-VNRK%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001737005227-M0HHJ8S7-VNRK&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001737005227-M0HHJ8S7-VNRK%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7f24ca07-3833-41f4-bd26-f2c20080858f%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001737005227-M0HHJ8S7-VNRK%252526tapad_id%25253D7f24ca07-3833-41f4-bd26-f2c20080858f%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=93be9921-3803-49b8-adb8-c78725624e3e&ttd_puid=7f24ca07-3833-41f4-bd26-f2c20080858f%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001737005227-M0HHJ8S7-VNRK%2526tapad_id%253D7f24ca07-3833-41f4-bd26-f2c20080858f%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001737005227-M0HHJ8S7-VNRK&tapad_id=7f24ca07-3833-41f4-bd26-f2c20080858f
Request Chain 232
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001737005227-M0HHJ8S7-VNRK HTTP 302
  • https://ids.ad.gt/api/v1/amo_match?turn_id=7586621902394839670&id=AU1D-0100-001737005227-M0HHJ8S7-VNRK
Request Chain 233
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001737005227-M0HHJ8S7-VNRK&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001737005227-M0HHJ8S7-VNRK&uid=18c6e4b5-0e96-47c4-9a96-38efe707f0ad&gdpr=0
Request Chain 234
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001737005227-M0HHJ8S7-VNRK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczNzAwNTIyNy1NMEhISjhTNy1WTlJL
Request Chain 235
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_rx_n-acuityads_n-MediaNet_ox-db5_n-adYouLike_n-smaato_n-adman-v2_n-onetag_pm-db5_ym_sovrn_gg_n-adMediaV1_n-Beeswax_smrt_cnv_n-inmobi_n-sharethrough_rbd_ppt_n-baidu_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_rx_n-acuityads_n-MediaNet_ox-db5_n-adYouLike_n-smaato_n-adman-v2_n-onetag_pm-db5_ym_sovrn_gg_n-adMediaV1_n-Beeswax_smrt_cnv_n-inmobi_n-sharethrough_rbd_ppt_n-baidu_an-db5_3lift&dcc=t
Request Chain 241
  • https://id5-sync.com/i/457/8.gif?o=api&id5id=ID5*U1vbb4JqlROHhgvGF3U96IaGiw17HC4S99u-KfgTgcjub72MjGKnLjpAEqqstoFd&gdpr_consent=undefined&gdpr=false&gpp=DBAA&gpp_sid= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F434%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBAA%26gpp_sid%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/457/434/7/2.gif?puid=18c6e4b5-0e96-47c4-9a96-38efe707f0ad&gdpr=0&gdpr_consent=&gpp=DBAA&gpp_sid= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=93be9921-3803-49b8-adb8-c78725624e3e&ttl=%%TTL%% HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F441%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/457/441/5/4.gif?puid=u_fad9cc66-243d-4574-b4f9-a7364700a7df&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F203%2F4%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/457/203/4/5.gif?puid=250ec7ba-47cb-4e36-acf2-93ba64c0b6d2&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-1ed14FQqTeW4tJh1S4K25Lg0UxkikUyV5QF3mi0-lg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F457%2F124%2F3%2F6.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/457/124/3/6.gif?puid=e16e7314-70f4-4c76-bb2f-6ce360069091&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/457/429/2/7.gif?puid=1A89B63C-D324-4FB0-8B84-097486FF6AB8&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/457/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/457/2/1/8.gif?puid=7598602906354632452&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AACxVU7PETEAABVB8M1CrQ&id5AccountNum=155&numCascadesAllowed=9
Request Chain 280
  • https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=93be9921-3803-49b8-adb8-c78725624e3e&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=93be9921-3803-49b8-adb8-c78725624e3e&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=93be9921-3803-49b8-adb8-c78725624e3e
Request Chain 288
  • https://www.google.com/cse/cse.js?cx=000577952335514451944:olq_fi17mqa HTTP 301
  • https://cse.google.com/cse/cse.js?cx=000577952335514451944:olq_fi17mqa

314 HTTP transactions

Resource: / (Primary Request)
Path: securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Size: 114 KB
x-fer: 25 KB
Type: Document

General
Full URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS:
Software: nginx /
Resource Hash: dfd1adc29c0a401de750931a6c4a6c9574d2454e9bb21046caa108f9b27b4d67

Security Headers
Strict-Transport-Security: max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Jan 2025 05:27:05 UTC
display: pub_site_sol
expires: Wed, 15 Jan 2025 05:27:05 GMT
link: <https://securityonline.info/wp-json/>; rel="https://api.w.org/", <https://securityonline.info/wp-json/wp/v2/posts/98405>; rel="alternate"; title="JSON"; type="application/json", <https://securityonline.info/?p=98405>; rel=shortlink
pagespeed: off
response: 200
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-ez-minify-html: 12.51% 108577 / 124099
x-ezoic-cdn: Miss
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control:
x-pingback: https://securityonline.info/xmlrpc.php
x-sol: pub_site

Resource: gppstub.js
Path: the.gatekeeperconsent.com/gpp/v1/
Size: 3 KB
x-fer: 2 KB
Type: Script

General
Full URL: https://the.gatekeeperconsent.com/gpp/v1/gppstub.js?cb=2
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 1ddf77f07598a4b2f2c79d120b08ea0f382a9c6d480898c71ae65f2f9df62fee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: HIT
age: 635458
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZshPNYSSA8DRXZx8anzffI0sPWl23KrcS7KKJbbPE%2Fk2FfgVHajfRGeF18yCjW%2FgjrBN%2BSqme7G7Jzh8GCZJCKMn3L%2BTliDJlBwW5yZd3kyhvJPpGr0ehy7ShJkZ%2Bth2Sm6ydk10vahRS31IFVl3SwTVdx3Xefr"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9606&min_rtt=9509&rtt_var=2075&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4172&recv_bytes=4282&delivery_rate=61201&cwnd=12000&unsent_bytes=0&cid=43c56d46cb96b9a4&ts=32&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 08 Jan 2025 20:56:07 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 902bb1c48ee28191-IAD
server: cloudflare

Resource: hacker-3480124_1280.jpg
Path: securityonline.info/wp-content/uploads/2024/11/
Size: 152 KB
x-fer: 153 KB
Type: Image

General
Full URL: https://securityonline.info/wp-content/uploads/2024/11/hacker-3480124_1280.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS:
Software: nginx /
Resource Hash
8342d04e6df2388f78f1feb9969956a7431103f703b6a636e7e3cf6287204e92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/

Response headers

x-ezoic-cdn
Miss
x-origin-cache-control
max-age=2592000
cache-control
public, max-age=31536000
etag
"672c81e0-28673-gzip"
pragma
public
x-middleton-response
200
response
200
expires
Sat, 15 Feb 2025 05:27:05 GMT
date
Thu, 16 Jan 2025 05:27:05 UTC
x-middleton-display
staticcontent_sol
content-type
image/jpeg
last-modified
Thu, 07 Nov 2024 09:01:20 GMT
server
nginx
display
staticcontent_sol
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
age
55937
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 15 Jan 2026 13:54:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 15 Jan 2025 13:54:48 GMT
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31017
x-xss-protection
0
server
sffe
gpt.js
securepubads.g.doubleclick.net/tag/js/
107 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20122c1eb6e0dc7ee356b1c8b5f887ab7f6f281659f96dfeb6309f7adc9d403a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
br
etag
487 / 20104 / 31089750 / config-hash: 9214759981060317035
x-content-type-options
nosniff
expires
Thu, 16 Jan 2025 05:27:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 16 Jan 2025 05:27:05 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
34238
x-xss-protection
0
server
cafe
dall.js
go.ezodn.com/hb/
726 KB
238 KB
Script
General
Full URL
https://go.ezodn.com/hb/dall.js?cb=195-2-113
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8e79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee181754e1b1b4e9ea71e98826e3c2845296922161653bafbebf5ed5fa75d0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
48439
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GAOKut%2F3b4Ws%2FTwGKPCtCZXHw7n82DkrkY7cVX2IWgGrI4%2BVf6SGwzHXl%2FrJ8lU7OhYp6RD109Gj%2B3%2FSiAQzdXo8D%2BGiMbclFZnUO7tCExW3WPKSLk1pA%2BFWiEMOYl3qXmV3pvIXlJ%2FESnk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
902bb1c4885dc940-IAD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9374&min_rtt=9094&rtt_var=2136&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4171&recv_bytes=4297&delivery_rate=63444&cwnd=12000&unsent_bytes=0&cid=86fd5833d43b53f8&ts=29&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Wed, 15 Jan 2025 15:59:46 GMT
priority
u=1,i=?0
js
www.googletagmanager.com/gtag/
315 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MVCLJGE8T6
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
10d82c69c5bd4a1341a2bc6ccc9506591da0fa962b1911278050cffde55716ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 16 Jan 2025 05:27:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 16 Jan 2025 05:27:05 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109079
x-xss-protection
0
server
Google Tag Manager
css
fonts.googleapis.com/
16 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700|Oswald:400,700&display=optional
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d4e533969eccba5295e3365bddced9fb030d7a7abe31d53b7ccb4d32a49b6db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://securityonline.info
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 16 Jan 2025 05:27:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 16 Jan 2025 05:27:05 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 16 Jan 2025 05:27:05 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
wgs2.css
cdn-0.securityonline.info/wp-content/plugins/wp-google-search/
3 KB
2 KB
Stylesheet
General
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/wp-google-search/wgs2.css?ezmin=true&ff=1&ver=6.7.1&wps=false&ez_used_css_s=122
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6261240ed0f12a5cc73e1a74452182697f4b09560cdfbb3b2f17e0659a2f7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"62eaa675-a60-gzip"
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P5QXc5yISDzsC8l%2BTmdnEuf8hlZ68c1giMXSJ38blrKMRhcg6Y7AGAqBd0XfIkiswqtz3W9bIPqCAyIYIJhKFMs5JtxYmbHxjgSkxVpX%2FbeAaBuBt0gyaHP1Ihs7vU7EgvE8g5ZxfK1vzhnO4u2RAPrDtiluydYo"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9730&min_rtt=9340&rtt_var=2202&sent=17&recv=19&lost=0&retrans=0&sent_bytes=9461&recv_bytes=8339&delivery_rate=62308&cwnd=12000&unsent_bytes=0&cid=453993dd4417e33b&ts=48&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Wed, 03 Aug 2022 16:46:45 GMT
x-ezoic-cdn
Hit d2;mm;9df51fa0c39f1fd3877c029121c4b3e6;2-124533-178;hAx4dWRC6UU7h41XeUCuk
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
902bb1c4ba23c950-IAD
x-origin-cache-control
max-age=2592000
server
cloudflare
style.min.css
cdn-0.securityonline.info/wp-includes/css/dist/block-library/
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn-0.securityonline.info/wp-includes/css/dist/block-library/style.min.css?ezmin=true&ff=1&ver=6.7.1&wps=false&ez_used_css_s=122
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3e439d54af5c26edac8bb0152ab594485138a24942eaa96311e3d78f1c2ad91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"673bdd27-1c012-gzip"
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJlAb0Kmnudm09tjOwifS%2BnUlUZ4XsVIvkoaz%2Bzt7BXf7xiXIeFV0h0eOyn%2FJJKSpZ5yuLAuWiwYclesi30MITxEV%2F%2Biq6lEFnJnQzKqcoiP7DwMVKgBPLi%2BtJq1o6sfBxa2T7AK6ls9uR3QnMD0vscyt5m7WxDx"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10114&min_rtt=9340&rtt_var=1150&sent=26&recv=25&lost=0&retrans=0&sent_bytes=17131&recv_bytes=8597&delivery_rate=335537&cwnd=12000&unsent_bytes=0&cid=453993dd4417e33b&ts=60&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Tue, 19 Nov 2024 00:34:47 GMT
x-ezoic-cdn
Hit d2;mm;1d5e4e575b1fd1c27787a718da22d39d;2-124533-178;Umedz9IQt4-7PGw5i7h7x
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
902bb1c4ba22c950-IAD
x-origin-cache-control
max-age=2592000
server
cloudflare
bootstrap.min.css
cdn-0.securityonline.info/wp-content/themes/morenews/assets/bootstrap/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/bootstrap/css/bootstrap.min.css?ezmin=true&ff=1&ver=1.0.26&wps=false&ez_used_css_s=122
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab609be395a2987812b2590e145bffd46a3b2aa0fb270ec7130ff7d59f63366

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"6782191e-1d988-gzip"
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=547Z4uNfyboxYOW6AXIjnItoQjK03TQ0NtI4fluZek81EM%2FzitsXup7QbB8FbJzgRUS7h9XGciaqZUG7mdAQ2CLiwWKnyO6n9aIbWhOVCFPxJtLbWeaeU9UKZ6zP1pmJ3zX5eLk9VEFN%2BhZh%2FNhlOYWWS9o5JCvP"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10371&min_rtt=9340&rtt_var=1376&sent=31&recv=27&lost=0&retrans=0&sent_bytes=21385&recv_bytes=8980&delivery_rate=384755&cwnd=12000&unsent_bytes=0&cid=453993dd4417e33b&ts=69&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Sat, 11 Jan 2025 07:09:18 GMT
x-ezoic-cdn
Hit d2;mm;994ed0aba18fce04ab287b25b37921b8;2-124533-178;By9yjv534FkT1tZ_XBQKA
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
902bb1c4ba1ec950-IAD
x-origin-cache-control
max-age=2592000
server
cloudflare
style.min.css
cdn-0.securityonline.info/wp-content/themes/morenews/
305 KB
42 KB
Stylesheet
General
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/style.min.css?ezmin=true&ff=1&ver=1.0.26&wps=false&ez_used_css_s=122
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7919708468cd88f05fd2b2dead3eea017157d1f7f2d17526135234040ef20217

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"6782191e-4c51e-gzip"
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FtdHK9gXVK6lrN7AYOfC4xzqmeK4AZFmFhdezW3HtpQUqVu8V%2BCtL%2BEzzaG%2BOmdP99XNdvVFaucAGpOp2u5Etf6LIpih5Vd2WHdG%2FeTfhqMW%2BH1xY2B6W8QzV6%2FrL%2B5PqqfVfxjSR7bGwzjgaQZJCNCWNirC9XZs"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10553&min_rtt=9340&rtt_var=1395&sent=40&recv=28&lost=0&retrans=0&sent_bytes=31554&recv_bytes=9023&delivery_rate=116575&cwnd=13200&unsent_bytes=0&cid=453993dd4417e33b&ts=73&x=1", cfExtPri, cfHdrFlush;dur=6
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Sat, 11 Jan 2025 07:09:18 GMT
x-ezoic-cdn
Hit d2;mm;c640a9e74f6c34eb80d3f8b89895f36a;2-124533-178;4OrHo8ieqJpYdD_ALE3Dk
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
902bb1c4ba26c950-IAD
x-origin-cache-control
max-age=2592000
server
cloudflare
style.css
cdn-0.securityonline.info/wp-content/themes/globalnews/
15 KB
5 KB
Stylesheet
General
Full URL
https://cdn-0.securityonline.info/wp-content/themes/globalnews/style.css?ezmin=true&ff=1&ver=1.0.26&wps=false&ez_used_css_s=122
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c771e778b9cb029101b91fc1aa1f2f1e682cbd1222a8227a797396b8fe042f3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"678723d5-3d6d-gzip"
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9vBV7BkUMoYM1LEChvwxBw06MUODN1MYa5hDYApJcsXQCiPuECt51UoUZlSedtLbNFnqEf8Qtd%2BX2xovu8N8C5gdviHDzabCkZ2AKzcvU8WJy%2FfHJRX%2FDDuWMELSp5i1y1T%2BD4wnFXZ2zKtHUpshqafNNUxR7M2"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9730&min_rtt=9340&rtt_var=2202&sent=12&recv=19&lost=0&retrans=0&sent_bytes=4250&recv_bytes=8339&delivery_rate=62308&cwnd=12000&unsent_bytes=0&cid=453993dd4417e33b&ts=47&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Wed, 15 Jan 2025 02:56:21 GMT
x-ezoic-cdn
Hit d2;mm;32093dd57fd63f2170f7ee6cc8d2a210;2-124533-178;RmtfFRyTrF70IdThhg0bI
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
902bb1c4ba28c950-IAD
x-origin-cache-control
max-age=2592000
server
cloudflare
void(0)
/
0
0

style.css
cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/style.css?ezmin=true&ff=1&ver=6.7.1&wps=false&ez_used_css_s=122
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2702fc71d009ad872a780c529ab1a83da966da51bb94f8b60c4c9a1ca1b9940d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"6782191e-1470-gzip"
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1S8OnJkjZ6SRXl0JISTbsIuBFlbCQaih9Q4%2Fq8E1cbuMXsWy5fUwRZAivGJk7n7NvCr8A6X8WUDBnx7xb2LiCpgIVdKjui%2FKJh%2F%2FEfN%2BJIheIsbuVpvZvs%2Bb7SGvYetQYblOUOe2zcvNmdzFYwcOjF0464AGBA6o"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9730&min_rtt=9340&rtt_var=2202&sent=23&recv=19&lost=0&retrans=0&sent_bytes=14673&recv_bytes=8339&delivery_rate=62308&cwnd=12000&unsent_bytes=0&cid=453993dd4417e33b&ts=50&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Sat, 11 Jan 2025 07:09:18 GMT
x-ezoic-cdn
Hit d2;mm;06102341bd3f4f590bfe1fa314dfef47;2-124533-178;M61jp3HeHRwpL5SFLweDk
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
902bb1c4ba2ac950-IAD
x-origin-cache-control
max-age=2592000
server
cloudflare
slick.min.css
cdn-0.securityonline.info/wp-content/themes/morenews/assets/slick/css/
0
903 B
Stylesheet
General
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/slick/css/slick.min.css?ezmin=true&ff=1&ver=6.7.1&wps=false&ez_used_css_s=122
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

cf-cache-status
MISS
etag
W/"6782191e-530"
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GUlk7rbUkGBdc92rBSIocFuYDG4dV4WGK%2FiS0a6L0Jgx5TwhSqG4Nn3vTh773NUYSwBmaLARsHg5dsnCYfyGvAEw3rCdbg%2FEr1TbI%2BIGmiqpBOvjEkwMG5%2BgHLzy0EPWLHZWbkCcBWy7FXGpLrONss4ys4HmhlHQ"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9730&min_rtt=9340&rtt_var=2202&sent=20&recv=19&lost=0&retrans=0&sent_bytes=12360&recv_bytes=8339&delivery_rate=62308&cwnd=12000&unsent_bytes=0&cid=453993dd4417e33b&ts=50&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Sat, 11 Jan 2025 07:09:18 GMT
x-ezoic-cdn
Hit d2;mm;4b009a41434cd46878a7edf3b015f2e6;2-124533-178;5GCdUI9ktBdLsydC1hNTE
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
902bb1c4ba2dc950-IAD
accept-ranges
bytes
content-length
0
x-origin-cache-control
max-age=2592000
server
cloudflare
jquery.sidr.dark.css
cdn-0.securityonline.info/wp-content/themes/morenews/assets/sidr/css/
210 B
1 KB
Stylesheet
General
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/sidr/css/jquery.sidr.dark.css?ezmin=true&ff=1&ver=6.7.1&wps=false&ez_used_css_s=122
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d0951afec73f5cd567aae9e424f9ab3a9b960b93cb09375783ac2d19c9a5c28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"6782191e-3e6-gzip"
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9L2i7SwrGOvJ9LLlR%2Bv5K%2BVrcvOQW2WjJ01%2F%2FZRs5cTogU%2BoRUH%2B3u8I%2BqL1O0lyX1SJ58OstsncvqWo0vLTcwB8aIjeM%2BDH5jfHELGg7rctzwjK3VCNOA42dtU%2F0jcz1j0prEtI6uQFRco354iwxfvhFmPEIZY"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9730&min_rtt=9340&rtt_var=2202&sent=19&recv=19&lost=0&retrans=0&sent_bytes=11249&recv_bytes=8339&delivery_rate=62308&cwnd=12000&unsent_bytes=0&cid=453993dd4417e33b&ts=49&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Sat, 11 Jan 2025 07:09:18 GMT
x-ezoic-cdn
Hit d2;mm;1af1091e93c694502270a2416e914f2e;2-124533-178;Fp_tLh422r1ThhLn1ytdo
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
902bb1c4ba2ec950-IAD
x-origin-cache-control
max-age=2592000
server
cloudflare
magnific-popup.css
cdn-0.securityonline.info/wp-content/themes/morenews/assets/magnific-popup/
0
902 B
Stylesheet
General
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/magnific-popup/magnific-popup.css?ezmin=true&ff=1&ver=6.7.1&wps=false&ez_used_css_s=122
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

cf-cache-status
MISS
etag
W/"6782191e-1b27"
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZBJbWkjElUxbLxDSJEk4q02lmqfTTEgZRVhl7NJLuFzZpEUHOG6eKKkFzhTCuaSMNObxVoIrHRS7Zy3gRxiYmMBqaTF6tsB0P7oTUIaNKmiya%2BOXLMb2pYZ7muRq2xhHwmVNGCDMvc1pcZ4n2co96G8LiPr46Vgp"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9730&min_rtt=9340&rtt_var=2202&sent=23&recv=19&lost=0&retrans=0&sent_bytes=14673&recv_bytes=8339&delivery_rate=62308&cwnd=12000&unsent_bytes=0&cid=453993dd4417e33b&ts=50&x=1", cfExtPri, cfHdrFlush;dur=7
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Sat, 11 Jan 2025 07:09:18 GMT
x-ezoic-cdn
Hit d2;mm;36d27e548eb93ecd1764f30ee1deb8e0;2-124533-178;8GPyWqSxpdPgYwSe-XSHd
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
902bb1c4ba32c950-IAD
accept-ranges
bytes
content-length
0
x-origin-cache-control
max-age=2592000
server
cloudflare
addtoany.min.css
cdn-0.securityonline.info/wp-content/plugins/add-to-any/
1011 B
1 KB
Stylesheet
General
Full URL
https://cdn-0.securityonline.info/wp-content/plugins/add-to-any/addtoany.min.css?ezmin=true&ff=1&ver=1.16&wps=false&ez_used_css_s=122
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4f6d8d1b8ead8749943f4b9007733249443cd0270d950a6097f9394da2e0f7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"677b8ecb-644-gzip"
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IF9o4G%2FbJs2%2BxA3ro23vQQve0a7E11qwNuDYpz77iJcdTInc%2F04URTzx8Oge8Ibgz8JThG9F3rav5koGIvIJuJfrtGUr%2Bwaq6ErHFIa5yy1iEVkFVJg2F1sRtpGfT%2FwEpwxWI6mQB82y5qz3VVYPUgDXBn3WIqBS"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9730&min_rtt=9340&rtt_var=2202&sent=21&recv=19&lost=0&retrans=0&sent_bytes=13286&recv_bytes=8339&delivery_rate=62308&cwnd=12000&unsent_bytes=0&cid=453993dd4417e33b&ts=50&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol, orig_site_sol
content-type
text/css
last-modified
Mon, 06 Jan 2025 08:05:31 GMT
x-ezoic-cdn
Hit d2;mm;eecbacecfea4e2ea8354bfd6b17cd53e;2-124533-178;Jeux2O19NQ0lBxzq0-d7l
display
staticcontent_sol, orig_site_sol
vary
Accept-Encoding,User-Agent,Origin
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
orig
cf-ray
902bb1c4ba33c950-IAD
x-origin-cache-control
max-age=2592000
server
cloudflare
ccpaplus.js
the.gatekeeperconsent.com/ccpa/v2/
85 KB
14 KB
Script
General
Full URL
https://the.gatekeeperconsent.com/ccpa/v2/ccpaplus.js?cb=10
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b4b0c126d0534a8956d7d2205c0f1270a315254b52eabe79f856c9a89a980c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
635458
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NF9%2BlnoqaRr%2FWlFfAKU0uXDrWsdc4P2Dw1AFSMHVldBXRreJOwVWC6fkm5d4o%2BMUUsO13c5IsbhPvhPfgKFo3rDXycEOusUMsLpm0UTJA6%2B4GnqgGKExYtfLKSO7SK5h5iQC3UPlsBdVCgDWzpgBQt%2FASsqPBsW"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10676&min_rtt=9509&rtt_var=3042&sent=15&recv=12&lost=0&retrans=0&sent_bytes=6129&recv_bytes=4650&delivery_rate=141183&cwnd=12000&unsent_bytes=0&cid=43c56d46cb96b9a4&ts=170&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 08 Jan 2025 20:56:07 GMT
priority
u=3,i=?0
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
902bb1c55f878191-IAD
server
cloudflare
video.js
www.humix.com/
21 KB
9 KB
Script
General
Full URL
https://www.humix.com/video.js
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:56cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e510e71cd3a68264b8c628371a7cfea5d7cb3883a594c76b51c44e28ebcb6b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"73e99e1ea8fdf6a2bd4ea4c4054c4bc7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZbH2laXhmzXCDpTMSpzz8HkZP5p2aN8pT9qksnPJFq%2FCFSU%2BCzVYbiF%2B5z%2FYLD3d9QvTM6ofCCe3%2FrXZIal1D1vgmTilGTgmQnuygNrmkpAypzEKJD909XnVcGPE3byA4C2tk3P06DZ1ZJaS"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2383&min_rtt=2100&rtt_var=658&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4279&recv_bytes=5535&delivery_rate=996&cwnd=12000&unsent_bytes=0&cid=22d6125c92f6dd5b&ts=52&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
902bb1c57c09437a-EWR
server
cloudflare
glyphicons-halflings-regular.woff2
securityonline.info/wp-content/themes/morenews/assets/bootstrap/fonts/
18 KB
18 KB
Font
General
Full URL
https://securityonline.info/wp-content/themes/morenews/assets/bootstrap/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://securityonline.info
Referer
https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/

Response headers

access-control-max-age
1728000
etag
"6782191e-466c-gzip"
x-middleton-response
200
access-control-allow-methods
POST, GET, OPTIONS
response
200
date
Thu, 16 Jan 2025 05:27:05 UTC
x-middleton-display
staticcontent_sol
content-type
application/octet-stream
last-modified
Sat, 11 Jan 2025 07:09:18 GMT
x-ezoic-cdn
Hit d2;mm;ea00e4e80b4d34eb370f71a6d59a4c43;2-124533-178;l3BUbCLQINtI25zlH6E7N
display
staticcontent_sol
vary
Accept-Encoding,User-Agent,Origin
strict-transport-security
max-age=31536000
cache-control
public, max-age=2592000
access-control-allow-origin
https://securityonline.info
x-origin-cache-control
server
nginx
aft-icons.woff
securityonline.info/wp-content/themes/morenews/assets/icons/fonts/
19 KB
11 KB
Font
General
Full URL
https://securityonline.info/wp-content/themes/morenews/assets/icons/fonts/aft-icons.woff?e3nek0
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
cbf00b5be3a1a66e52613c9d2c3a2960e092c08391569b15b35f0b9617ef7e6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://securityonline.info
Referer
https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/

Response headers

access-control-max-age
1728000
content-encoding
br
etag
"6782191e-4b94-gzip"
x-middleton-response
200
access-control-allow-methods
POST, GET, OPTIONS
response
200
date
Thu, 16 Jan 2025 05:27:05 UTC
x-middleton-display
staticcontent_sol
content-type
application/font-woff
last-modified
Sat, 11 Jan 2025 07:09:18 GMT
x-ezoic-cdn
Hit d2;mm;bdb9b91aaaa9d88404520d311884d2c3;2-124533-178;B1i70-WtklLcwLvUzO080
display
staticcontent_sol
vary
Accept-Encoding,User-Agent,Origin
cache-control
public, max-age=31536000
pragma
public
access-control-allow-origin
https://securityonline.info
x-origin-cache-control
max-age=2592000
server
nginx
hacker-3480124_1280.jpg
cdn-0.securityonline.info/wp-content/uploads/2024/11/
152 KB
153 KB
Image
General
Full URL
https://cdn-0.securityonline.info/wp-content/uploads/2024/11/hacker-3480124_1280.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8342d04e6df2388f78f1feb9969956a7431103f703b6a636e7e3cf6287204e92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

cf-cache-status
MISS
etag
"672c81e0-28673-gzip"
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fyu4duLnTewBjKEFaYKNvXjJZxsfY09s3RDt40XkAnL4uqOfqn34lfmx1hckbgkm9oM2c7Ez9rIOtHJnBQ9bWayL%2BpIK04URegWpHLk0xe3d24OeK3cNGgMHAGBOTN3TXaCfcMh9ROHwLu%2FZQXSqA8q9x7V5FjzX"}],"group":"cf-nel","max_age":604800}
response
200
expires
Sat, 15 Feb 2025 05:27:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9953&min_rtt=9340&rtt_var=374&sent=121&recv=69&lost=0&retrans=0&sent_bytes=121855&recv_bytes=11447&delivery_rate=1858750&cwnd=37200&unsent_bytes=0&cid=453993dd4417e33b&ts=322&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:06 GMT
x-middleton-display
staticcontent_sol
content-type
image/jpeg
last-modified
Thu, 07 Nov 2024 09:01:20 GMT
x-ezoic-cdn
Miss
priority
u=1,i
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
display
staticcontent_sol
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
cf-ray
902bb1c4ba37c950-IAD
x-origin-cache-control
max-age=2592000
server
cloudflare
boise.js
www.ezojs.com/detroitchicago/
824 B
1 KB
Script
General
Full URL
https://www.ezojs.com/detroitchicago/boise.js?gcb=195-2&cb=5
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4fafcd389d58bbd82e49d9a68e81e9dc8384330ff14ec3283a4d0d11812047b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
1283940
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OVG%2FM8GD5D2xrFTyB96Y3WmbJqM4c86soWhw1l3maVR0YTZZUhGJ3ZW5NxNjuyd1xikoDbp91tTziPAD9O729pnseFgxg5aDz0VOMIiWPSX%2FtK0%2FIUyU4iZ%2BqDqAVw2oSdJZBZdUK3CKpSgk"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9493&min_rtt=9165&rtt_var=2530&sent=22&recv=12&lost=0&retrans=0&sent_bytes=15380&recv_bytes=5141&delivery_rate=64045&cwnd=12000&unsent_bytes=0&cid=3af1c095de154c8a&ts=36&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 01 Jan 2025 08:48:05 GMT
priority
u=3,i=?0
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
902bb1c59cf3206f-IAD
server
cloudflare
abilene.js
www.ezojs.com/parsonsmaize/
11 KB
5 KB
Script
General
Full URL
https://www.ezojs.com/parsonsmaize/abilene.js?gcb=195-2&cb=7f81d60744
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ee19d99d503b3f16f4aae994d9b5f2b75524cd1bf780ae8f092951f7fe4e199

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
1065683
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygyaDAVhVSRoNa%2BmsIQw5j4pg%2B8IJJY2TkTK1dArfGVUs%2F3ruoYEiK%2FtN4%2BqqC1SMejMQDqEKv1lLto%2Fc8ewoyRKca1ePUTjImipbQWiEdXVA7TIiBLNcbnr%2Fe7biSXvEYbNN8scHbtsO4aJ"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9207&min_rtt=9165&rtt_var=2611&sent=10&recv=11&lost=0&retrans=0&sent_bytes=4188&recv_bytes=5094&delivery_rate=55535&cwnd=12000&unsent_bytes=0&cid=3af1c095de154c8a&ts=28&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Fri, 03 Jan 2025 21:25:42 GMT
priority
u=3,i=?0
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
902bb1c59cf1206f-IAD
server
cloudflare
tulsa.js
www.ezojs.com/detroitchicago/
13 KB
5 KB
Script
General
Full URL
https://www.ezojs.com/detroitchicago/tulsa.js?gcb=195-2&cb=9
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf9d6d0b36c4e43bb90e28078c16ba093457e2bea78030d65502f9ca66a0f85b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
1793830
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I4ptFfxefIq2LH1PffIZ0R3e9gj6BvU8BPgFgA2Yef9VoHN13Y15RgIB3zdp9VL8EJTCxPwkRBUViCM8STQusa0PLUy8sqKMW30lty2pMVLDXib2Nj4BCHSBqupbhz%2BB4lIigrG8R6VyaJrz"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9493&min_rtt=9165&rtt_var=2530&sent=23&recv=12&lost=0&retrans=0&sent_bytes=16188&recv_bytes=5141&delivery_rate=64045&cwnd=12000&unsent_bytes=0&cid=3af1c095de154c8a&ts=37&x=1", cfExtPri, cfHdrFlush;dur=1
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 26 Dec 2024 11:09:55 GMT
priority
u=3,i=?0
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
902bb1c59cef206f-IAD
server
cloudflare
surly-badges.min.css
cdn.sur.ly/widget-awards/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://cdn.sur.ly/widget-awards/css/surly-badges.min.css
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709db6c0f6bdf9ceb176a43adf30eb1be65c0b2b1f7130d203133e4af06a2651

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62a6bbbc-4517"
age
1465957
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8q1cwWCSXnksKNfU43GQ1vV4UiS08c1ZaqOK2142AZ5O0NXR3%2FqkJj7QuI6SonVhelVSya4vObUt%2F9UkConZnrZXN%2FJbFHcERF9%2FfAGI4nmgXhLVmUAD%2FmTobpdSFQdG%2BosdBNP2ucU%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 29 Jan 2025 06:14:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10166&min_rtt=9723&rtt_var=2409&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4295&recv_bytes=4318&delivery_rate=64789&cwnd=12000&unsent_bytes=0&cid=e3d20cc301284cd1&ts=30&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
content-type
text/css
last-modified
Mon, 13 Jun 2022 04:23:24 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
902bb1c4beb481ee-IAD
server
cloudflare
navigation.js
cdn-0.securityonline.info/wp-content/themes/morenews/js/
3 KB
2 KB
Script
General
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/js/navigation.js?ver=1.0.26
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6782191e-b97-gzip"
age
10406
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rhIGoBmNbV4bmZIaMK75y5f876L8dLi5OqNqem8CQ5UdYt4a3CKzeH4CDL5Th8yJhr41Cb%2FnxZlNlaZ%2BlXekPrQPcxPZUvX2dIZb9n%2By4BdnU%2BSl6Rs9uhjD01g5NALyisddHa8bpTWm463TZldWIDaFI%2BURhWYA"}],"group":"cf-nel","max_age":604800}
response
200
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10371&min_rtt=9340&rtt_var=1376&sent=29&recv=27&lost=0&retrans=0&sent_bytes=19331&recv_bytes=8980&delivery_rate=384755&cwnd=12000&unsent_bytes=0&cid=453993dd4417e33b&ts=69&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol
content-type
application/javascript
last-modified
Sat, 11 Jan 2025 07:09:18 GMT
x-ezoic-cdn
Hit d2;mm;5c036e94e6435c98b31503ee0da8e5be;2-124533-177;UFXvWV-LaGpikwEl4GgAs
display
staticcontent_sol
vary
Accept-Encoding,User-Agent,Origin
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
x-sol
pub_site
cf-ray
902bb1c50ae7c950-IAD
x-origin-cache-control
max-age=2592000
server
cloudflare
analytics
securityonline.info/ezais/
8 KB
3 KB
XHR
General
Full URL
https://securityonline.info/ezais/analytics?cb=1
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
77a8c44239b78ca8fe6d74e9b0d8d0a93262dd7022d3a323290d5228e9b51a80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/

Response headers

x-robots-tag
noindex
access-control-max-age
1728000
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://securityonline.info
date
Thu, 16 Jan 2025 05:27:05 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server
Apache/2.4.39 (Ubuntu)
access-control-allow-headers
Content-Type
lazy_load.js
www.ezojs.com/tardisrocinante/
14 KB
6 KB
Script
General
Full URL
https://www.ezojs.com/tardisrocinante/lazy_load.js?gcb=2&cb=6
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd170013a5961d8e5cecfe293b157f2c27f21cc341997168764478e1c3b49a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
1985731
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FudQc4PsfbnMALlW5y6NMld2wUzs4xGIsVI1IkwJb3dufnmrZwYtoLW%2BGesv2KEwqnbf%2Ff1fzzOdmevapokk9ZkAnqzQb5tDaoVHINGSTCfw49%2BabGI%2FsQARx4VRB4s7BQ4%2B4I%2FI54RCpJY"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9493&min_rtt=9165&rtt_var=2530&sent=16&recv=12&lost=0&retrans=0&sent_bytes=9071&recv_bytes=5141&delivery_rate=64045&cwnd=12000&unsent_bytes=0&cid=3af1c095de154c8a&ts=36&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 24 Dec 2024 05:51:34 GMT
priority
u=3,i=?0
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
902bb1c59cf4206f-IAD
server
cloudflare
css2
fonts.googleapis.com/
2 KB
589 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oswald&display=swap
Requested by
Host: cdn.sur.ly
URL: https://cdn.sur.ly/widget-awards/css/surly-badges.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cac8b9784ba1bb5d7a7b66f0cec55d996907b73ce993138ab998d8b05b11ffea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cdn.sur.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 16 Jan 2025 05:27:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 16 Jan 2025 05:27:05 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 16 Jan 2025 04:35:50 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
567975ded6aba7d08dd5e8a44bcd462d302474cf90a13649d86759fef0d88a7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a48477ff0fe54eb2a09a90c311cacc15dbc6750d56faad2ecdadf2904cde67b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94cce56c2c4bc1d0fb5b8e5ddf05d1cf4c15ce425e6c35b0b8932486cf25455c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5ff81c25ae04ab91b762c8903fc77eb26ee587865557818d550eabc11f44ca5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Oswald:400,700&display=optional
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://securityonline.info
Referer
https://fonts.googleapis.com/

Response headers

age
43602
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 15 Jan 2026 17:20:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 15 Jan 2025 17:20:23 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
aft-icons.ttf
cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/fonts/
19 KB
20 KB
Font
General
Full URL
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/fonts/aft-icons.ttf?e3nek0
Requested by
Host: cdn-0.securityonline.info
URL: https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/style.css?ezmin=true&ff=1&ver=6.7.1&wps=false&ez_used_css_s=122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:19f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f498f4de89f8c27d4d56f4d8dd0988da262875d8e4f1fa71bdf2a391b9050523

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://securityonline.info
Referer
https://cdn-0.securityonline.info/wp-content/themes/morenews/assets/icons/style.css?ezmin=true&ff=1&ver=6.7.1&wps=false&ez_used_css_s=122

Response headers

access-control-max-age
1728000
cf-cache-status
HIT
etag
"6782191e-4b48-gzip"
age
8881
x-middleton-response
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oYiMOEU2VgqFoiMziquhMMcFwjJhIuJ1zHvc9RINe9TEH4ctEk2LfvnxOMTzoSkDGAuaGOZMHF%2BPwPQcfzXWZPH3NalUZbUKXK4EkrX9OhlHHnRrG5H7S4bDMFmyJL67jU981O9nbSpeP1dTC3vZXOMQOCF0mcTB"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS
response
200
expires
Sat, 15 Feb 2025 02:59:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14857&min_rtt=14821&rtt_var=5630&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4221&recv_bytes=4342&delivery_rate=191603&cwnd=12000&unsent_bytes=0&cid=8d9c7ab859f74c83&ts=33&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol
content-type
application/octet-stream
last-modified
Sat, 11 Jan 2025 07:09:18 GMT
x-ezoic-cdn
Miss
display
staticcontent_sol
vary
Accept-Encoding,User-Agent,Origin
priority
u=0,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
cf-ray
902bb1c5eea6aaec-YYZ
access-control-allow-origin
https://securityonline.info
x-origin-cache-control
max-age=2592000
server
cloudflare
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v53/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Oswald:400,700&display=optional
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://securityonline.info
Referer
https://fonts.googleapis.com/

Response headers

age
59050
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 15 Jan 2026 13:02:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 15 Jan 2025 13:02:55 GMT
last-modified
Tue, 15 Aug 2023 18:38:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21444
x-xss-protection
0
server
sffe
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://securityonline.info
Referer
https://fonts.googleapis.com/

Response headers

age
56536
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 15 Jan 2026 13:44:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 15 Jan 2025 13:44:49 GMT
last-modified
Tue, 15 Aug 2023 18:49:41 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12276
x-xss-protection
0
server
sffe
recommended_pages.js
securityonline.info/utilcave_com/apps/js/
16 KB
3 KB
Script
General
Full URL
https://securityonline.info/utilcave_com/apps/js/recommended_pages.js?cb=7
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
5b2b8d431ffc12e91090b624fc573a8ef4d18a8c68abc862fe1b1f40b17be72a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/

Response headers

cache-control
public, max-age=2592000
content-encoding
br
etag
"41b3-605c110814c00-gzip-gzip"
x-sol
middleton
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
staticcontent_sol
content-type
application/javascript
last-modified
Wed, 20 Sep 2023 02:23:44 GMT
server
Apache/2.4.39 (Ubuntu)
display
staticcontent_sol
vary
Accept-Encoding,Origin
indy.js
go.ezodn.com/detroitchicago/
141 KB
39 KB
Script
General
Full URL
https://go.ezodn.com/detroitchicago/indy.js?cb=22&gcb=0
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8e79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50deb40931d1766fcf11f27689ef2cd54dfc8633354109b8cc20c5d447ce985c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
zstd
cf-cache-status
HIT
age
1581954
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SWL0a%2BY3ciiJs11zrR1iBT2r0nW8uuU79XfewOv2737hW0npfYuH5XxrUsEvsXen4hCy8HaRnyGtKm8U3chOwNFkoWHpcq04cftiy8hWklRtcmhe4A0G1I5LM9C0RO9vzMCSZgM317k8o6o%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9153&min_rtt=8554&rtt_var=406&sent=228&recv=70&lost=0&retrans=0&sent_bytes=253859&recv_bytes=7227&delivery_rate=8162758&cwnd=123600&unsent_bytes=0&cid=86fd5833d43b53f8&ts=252&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sat, 28 Dec 2024 22:01:11 GMT
priority
u=3,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
902bb1c5eb9dc940-IAD
server
cloudflare
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
mulvane.js
www.ezojs.com/parsonsmaize/
1021 B
1 KB
Script
General
Full URL
https://www.ezojs.com/parsonsmaize/mulvane.js?gcb=195-2&cb=c630b8b861
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14d43b59dd15c6e81b6f4c787f68d98d81a7bf0fbb7fbc4f6c1989e6d29a222e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
1720263
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYC%2BevwlPZMybp4ZMG91h1wwJOYzK45YuG6WzD%2FaiwdqxJYVMqcH%2FPpNG2wgJExO5d2I5w8m1hsi8DSKkSV6ayOCdC4wbpgb0SyT%2FIjMLXhc0iEMeZ%2F%2BIDCnciC2IT2veI3GndyP7J5IEZdy"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11427&min_rtt=9165&rtt_var=1523&sent=30&recv=32&lost=0&retrans=0&sent_bytes=21966&recv_bytes=8460&delivery_rate=1174144&cwnd=16800&unsent_bytes=0&cid=3af1c095de154c8a&ts=86&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Fri, 27 Dec 2024 07:36:02 GMT
priority
u=3,i=?0
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
902bb1c5fd32206f-IAD
server
cloudflare
et.js
www.ezojs.com/porpoiseant/
1 KB
1 KB
Script
General
Full URL
https://www.ezojs.com/porpoiseant/et.js?gcb=195-2&cb=3
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f67393986c012dbf48aa3149e2874bd84ed5f466362ad1ac31305f697f1da7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
1460131
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CERvvWJoiOxkXGN3fthd15fKheFG1rktegKHP%2FWOKgnKVn1XbU9GK2A2j3KUmd2dm5RcIodFN7R9Se1h6oxGTPjMntkApZ6yg0Hfz9WmXWAOsluN8vkuBCuLNM9fdp%2BuGOlpb8lt88kouLzp"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11427&min_rtt=9165&rtt_var=1523&sent=44&recv=32&lost=0&retrans=0&sent_bytes=33450&recv_bytes=8460&delivery_rate=1174144&cwnd=16800&unsent_bytes=0&cid=3af1c095de154c8a&ts=92&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Dec 2024 07:51:34 GMT
priority
u=3,i=?0
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
902bb1c5fd34206f-IAD
server
cloudflare
reno.js
www.ezojs.com/detroitchicago/
1 KB
1 KB
Script
General
Full URL
https://www.ezojs.com/detroitchicago/reno.js?gcb=195-2&cb=3
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a285bc82f73dbd55244657449b4d9b2ecae8b2ea622d5558432bc818bb847df2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
1278153
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ShOH6PWsRgIpxFG2kR454cNVJmqzP%2FVHBm92AgTgx8t2w98djMkCaOCM3oKuFqawlU5BPsUTHC4%2FUVJeo20T0aFAMpoRPHnLIC3wxmYYHMXk5qFHhQucAWwYJXeicA0RLrfy1%2FF8%2FRS%2Bb7RB"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11427&min_rtt=9165&rtt_var=1523&sent=32&recv=32&lost=0&retrans=0&sent_bytes=23285&recv_bytes=8460&delivery_rate=1174144&cwnd=16800&unsent_bytes=0&cid=3af1c095de154c8a&ts=88&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 01 Jan 2025 10:24:32 GMT
priority
u=3,i=?0
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
902bb1c5fd35206f-IAD
server
cloudflare
overlandpark.js
www.ezojs.com/detroitchicago/
986 B
1 KB
Script
General
Full URL
https://www.ezojs.com/detroitchicago/overlandpark.js?gcb=195-2&cb=ca5e4c8a46
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a932b965c53c29da48239fb15b5ae1456d17988a9f81ee788b854903a2ecd169

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://securityonline.info/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
1551904
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NF6ZKHcNAv93f8x64uLEUoNUkIY8GP5HLJ7ZAKfU91ouMi%2FRabJxwrGth3H5%2BXP43rzqeeK3UEhHqIm7l%2FoGAr0HJavf%2Funoo97pxDNToxoybjKDDkjIedqFrkEDEd5GLNnwojJ2Z%2BYUKZMk"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11427&min_rtt=9165&rtt_var=1523&sent=41&recv=32&lost=0&retrans=0&sent_bytes=31007&recv_bytes=8460&delivery_rate=1174144&cwnd=16800&unsent_bytes=0&cid=3af1c095de154c8a&ts=89&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 16 Jan 2025 05:27:05 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sun, 29 Dec 2024 06:22:01 GMT
priority
u=3,i=?0
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
902bb1c5fd38206f-IAD
server
cloudflare
birmingham.js
www.ezojs.com/detroitchicago/
752 B
1 KB
Script
General
Full URL
https://www.ezojs.com/detroitchicago/birmingham.js?gcb=195-2&cb=539c47377c
Requested by
Host: securityonline.info
URL: https://securityonline.info/dll-side-loading-strikes-again-yokai-backdoor-bypasses-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash