www.securityweek.com Open in urlscan Pro
2606:4700:20::6818:a003 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Submission: On May 03 via api (May 3rd 2023, 9:23:43 pm UTC) from IN — Scanned from DE

Summary HTTP 190 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 31 IPs in 2 countries across 22 domains to perform 190 HTTP transactions. The main IP is 2606:4700:20::6818:a003, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.securityweek.com. The Cisco Umbrella rank of the primary domain is 237759.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 24th 2023. Valid for: a year.

This is the only time www.securityweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 81	2606:4700:20:... 2606:4700:20::6818:a003	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:853b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6811:ca35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	116.202.46.88 116.202.46.88	24940 (HETZNER-AS) (HETZNER-AS)
3	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
7	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
18	2600:9000:212... 2600:9000:2127:a400:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8cce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:69c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d6f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
190	31

81 2606:4700:20::6818:a003 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.securityweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:853b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:ca35 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.justuno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.justuno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aly.justuno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 116.202.46.88 (Weng, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.46.202.116.clients.your-server.de

ads.securityweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

securityweek.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5b305362616ed8f3d8985e68445241db.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:2127:a400:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:69c7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
88	securityweek.com 1 redirects www.securityweek.com — Cisco Umbrella Rank: 237759 ads.securityweek.com — Cisco Umbrella Rank: 584530	1 MB
18	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 5038	507 KB
17	googlesyndication.com 5b305362616ed8f3d8985e68445241db.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	113 KB
12	gstatic.com fonts.gstatic.com	192 KB
11	disqus.com securityweek.disqus.com — Cisco Umbrella Rank: 653079 disqus.com — Cisco Umbrella Rank: 1150 referrer.disqus.com — Cisco Umbrella Rank: 7271	106 KB
8	justuno.com cdn.justuno.com — Cisco Umbrella Rank: 26166 my.justuno.com — Cisco Umbrella Rank: 26488 aly.justuno.com — Cisco Umbrella Rank: 30039	60 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 ad.doubleclick.net — Cisco Umbrella Rank: 169 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 352	189 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	21 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 328 fonts.googleapis.com — Cisco Umbrella Rank: 37	17 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2039	16 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	79 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	226 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4462 forms.hscollectedforms.net — Cisco Umbrella Rank: 4572	26 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 897	14 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 3923	687 B
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2158	1 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 292	67 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2027	21 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9108	531 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2253	896 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 850	12 KB
190	22

	Domain	Requested by
81	www.securityweek.com	1 redirects www.securityweek.com static.cloudflareinsights.com
18	c.disquscdn.com	disqus.com c.disquscdn.com
12	fonts.gstatic.com	fonts.googleapis.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ad.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	disqus.com	securityweek.disqus.com c.disquscdn.com
7	ads.securityweek.com	www.securityweek.com ads.securityweek.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
5	cdn.justuno.com	www.securityweek.com cdn.justuno.com
4	securepubads.g.doubleclick.net	www.securityweek.com securepubads.g.doubleclick.net
3	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
3	www.googletagservices.com	ads.securityweek.com www.googletagservices.com ad.doubleclick.net
3	securityweek.disqus.com	www.securityweek.com securityweek.disqus.com
3	www.googletagmanager.com	www.securityweek.com www.googletagmanager.com
3	fonts.googleapis.com	www.securityweek.com client
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	my.justuno.com	cdn.justuno.com www.securityweek.com
2	static.cloudflareinsights.com	www.securityweek.com
1	aly.justuno.com	www.securityweek.com
1	referrer.disqus.com
1	forms.hsforms.com
1	track.hubspot.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	ad.doubleclick.net
1	ad.doubleclick.net	www.googletagservices.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	5b305362616ed8f3d8985e68445241db.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	js.hs-scripts.com	www.securityweek.com
1	use.fontawesome.com	www.securityweek.com
1	ajax.googleapis.com	www.securityweek.com
190	35

This site contains links to these domains. Also see Links.

Domain
gateway.on24.com
www.securitysummits.com
www.icscybersecurityconference.com
www.facebook.com
twitter.com
www.linkedin.com
ads.securityweek.com
web.whatsapp.com
www.crowdstrike.com
www.bloomberg.com
content.fireeye.com
www.cisoforum.com
advertise.securityweek.com

Subject Issuer	Validity	Valid
www.securityweek.com Cloudflare Inc ECC CA-3	`2023-01-24` - `2024-01-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
justuno.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-01-03`	10 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
a.disquscdn.com Amazon RSA 2048 M01	`2023-03-01` - `2023-10-29`	8 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Frame ID: CEB754ADBDC68A1950B60B663FB7C401
Requests: 131 HTTP requests in this frame

Frame: https://5b305362616ed8f3d8985e68445241db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 934005246B3F7F2ABAD816209585988C
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 42F20B47F9E9EF7C6102FDDE516BAEC1
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
Frame ID: 1904FA3B81825330F25544E26F6ACD00
Requests: 17 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N30602.3746816SECURITYWEEK/B29809356.364737092;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3756665563;ord=3zxtk6;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F$0;xdt=0;crlt=aYs0wv!qS6;stc=1;chaa=1;sttr=55;prcl=s
Frame ID: C0A00872E58DB7DCAECB7279E61D3BAC
Requests: 10 HTTP requests in this frame

Frame: https://cdn.justuno.com/store_4.1.html?v=5.63
Frame ID: CF2122E12D398ECCD66E7D05A06368B9
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group
Frame ID: 839732CDA1EB0FBE6DB6B8A61A609A1C
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 30670C1AAC09BE8F049D17C3EFEA764B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A80BC9BB38C9C6C357731EA28F29E622
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4AF58442C1D8530050C49FA60848B8A3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vL7o0N_rWuXUXr4zaznQwGRTzb1r1IdsCvpeVnelq_s.js
Frame ID: 6F59522FB0D826FC2CAF1C342A05D777
Requests: 1 HTTP requests in this frame

Frame: https://cdn.justuno.com/store_4.1.html?v=5.63
Frame ID: FE9D7E0D0EE2954191ACE7C83DE203CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

North Korean Attacks on Banks Attributed to 'APT38' Group - SecurityWeek

Page URL History Show full URLs

https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group HTTP 301
https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

190
Requests

100 %
HTTPS

81 %
IPv6

22
Domains

35
Subdomains

31
IPs

2
Countries

3087 kB
Transfer

7119 kB
Size

18
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://gateway.on24.com/wcc/eh/1220486/securityweek-webcast-library
Title: Webcasts

Search URL Search Domain Scan URL

URL: https://www.securitysummits.com/
Title: Virtual Events

Search URL Search Domain Scan URL

URL: https://www.icscybersecurityconference.com/
Title: ICS Cybersecurity Conference

Search URL Search Domain Scan URL

URL: https://www.securitysummits.com/event/ciso-virtual-summit/
Title: CISO Forum

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SecurityWeekCom-366251913615/

Search URL Search Domain Scan URL

URL: https://twitter.com/securityweek

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/securityweek/

Search URL Search Domain Scan URL

URL: https://ads.securityweek.com/redirect.spark?MID=179018&plid=1998711&setID=593294&channelID=0&CID=536014&banID=521006504&PID=0&textadID=0&tc=1&adSize=970x250&mt=1683149019796730&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&hc=0a41680bf09b3c36216f1a4ecd79c2018044e081&location=

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group%20https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-april-stardust-chollima/
Title: Stardust Chollima

Search URL Search Domain Scan URL

URL: https://www.bloomberg.com/news/articles/2018-05-29/mexico-foiled-a-110-million-bank-heist-then-kept-it-a-secret
Title: Bancomext

Search URL Search Domain Scan URL

URL: https://content.fireeye.com/apt/rpt-apt38
Title: report on APT38

Search URL Search Domain Scan URL

URL: https://twitter.com/EduardKovacs

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/eduard-kovacs-7b796134/

Search URL Search Domain Scan URL

URL: https://www.securitysummits.com/event/threat-intelligence-summit/
Title: Virtual Event: Threat Detection and Incident Response Summit

Search URL Search Domain Scan URL

URL: https://www.cisoforum.com/
Title: CISO Forum

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups?mostPopular=&gid=3551517
Title: Cyber Weapon Discussion Group

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups/?gid=4439585
Title: Security Intelligence Group

Search URL Search Domain Scan URL

URL: https://advertise.securityweek.com/info
Title: Advertising

Search URL Search Domain Scan URL

URL: https://advertise.securityweek.com/events
Title: Event Sponsorships

Search URL Search Domain Scan URL

URL: https://advertise.securityweek.com/contact-securityweek
Title: Writing Opportunities

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group HTTP 301
https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

190 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Redirect Chain

https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group
https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/

146 KB
28 KB

616ms
615ms

Document
text/html

2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: a2ed84e7439fcfc9413459689f32ef5283f153846a8d8514900ca149fe578dc5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c1b90f2287d1901-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 03 May 2023 21:23:38 GMT
last-modified: Mon, 23 Jan 2023 20:05:00 GMT
link: <https://www.securityweek.com/wp-json/>; rel="https://api.w.org/" <https://www.securityweek.com/wp-json/wp/v2/posts/16121>; rel="alternate"; type="application/json" <https://www.securityweek.com/?p=16121>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sivKke2XLmNo1ZTvqmbOtBudA3oHDI0ulnWrzdgAKVEYgjnHaJ3wjG7lbIg0zS9bKHfdjnNAS8bcunmvDQOEpg1XDjid21%2F2v6M9UDkWsTTWgqBW%2Btb1jQTrkMjYYUW1qLCX3Oo3csZZcfIWTKpBvpvR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 59
x-cache-group: normal
x-cacheable: SHORT
x-pingback: https://www.securityweek.com/xmlrpc.php
x-powered-by: WP Engine

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c1b90f0ff4e1901-FRA
content-type: text/html; charset=UTF-8
date: Wed, 03 May 2023 21:23:37 GMT
expires: Wed, 03 May 2023 22:21:04 GMT
last-modified: Mon, 23 Jan 2023 20:05:00 GMT
location: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feHdr0LXK8tPI0wyJviFoi5lWdi7dTyZyszPOy3A%2B7rrCDTjAYZiogv4dLt8zE%2BB8QOVPIDt%2Feecn%2FE8JYM8Ue7QNLoNUeZQo1ORPrZoV226yMQvPBIKIOoQJK8%2BF4abTQzaPftJjT7BVChl358%2FuO75"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cache: HIT: 59
x-cache-group: normal
x-cacheable: non200
x-orig-cache-control: max-age=3600
x-pingback: https://www.securityweek.com/xmlrpc.php
x-powered-by: WP Engine
x-redirect-by: WordPress

GET
H3 200 uF-Ze7WAyjEpzP032WXyUupeXAE.js Show response
www.securityweek.com/cdn-cgi/apps/head/ 5 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/cdn-cgi/apps/head/uF-Ze7WAyjEpzP032WXyUupeXAE.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 794a3f88df27cdece064dcaa4ce73387648f766d52210b1b20cf2f50e974b8ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
x-amz-version-id: Id.3DPa.BYLi4zj2Rnk8_fem54OEk5yj
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 16:30:31 GMT
server: cloudflare
x-amz-request-id: 781ABCAS0EJ6ESJ7
age: 546586
etag: W/"739c49d4a7bfbaabde79b20a6605c852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d4737d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /LBw/XfFtAbcSOAxSTFUyJT7tiyVVt+RMg47aKDH47DaLDBeZF+WRIEQESgdUFacVsSD2ZQ6Ws4=

GET
H3 200 style.min.css
www.securityweek.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 24ms
21ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2461916
etag: W/"642d3aad-17ced"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yj790%2FvruPHwdDU4R8FjhFpdUqpqYZESUy6BsuJNrLNR4I1JOxDxSchaL5Gd5UKiCsEV1xoqKnaNHbLqY3pVbFOS255htg%2FySos44%2Fun360wJfFNfGMT%2FriLpco6%2BY461atmDs%2FN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d4a37d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 classic-themes.min.css
www.securityweek.com/wp-includes/css/ 291 B
679 B 39ms
36ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2461916
etag: W/"642d3aad-123"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4lYNpXi4KdWPWuUxGjpenOxmsTTl4Psueh1g844UkIJy0tT%2B4RkNylZGhvgUKEI%2BJunwoYzKT6f7Uh3BWCCXxxSZnMJl2K79OEiJ97LpJXx79WY28wsvvYaSDIsPxIB%2FB6TvNl2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d4b37d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 chartsofday.css
www.securityweek.com/wp-content/plugins/securityweek-chartoftheday/css/ 308 B
706 B 21ms
18ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/securityweek-chartoftheday/css/chartsofday.css?ver=1.0.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d7c24cb3877d3352b2f3f29ad6e2aee0418556546acaf0dd5c9bcda16f55e0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7925113
cf-polished: origSize=452
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-1c4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0k2jwxBBw%2F%2FZzrQN6T6%2FkvSPuWILPJqKs0VhVXepJrHQ2n3WhiDEwlBQk1RDoM%2BqFTzZlwlvsT5U8SvQJEYBwIR%2BnlhoDoeWUcTsh6d%2Bg4%2FdpG0ed3%2B6h7trxLIHnYdA2RaOqxvO2d%2BbRtV3MNs7QJLA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d4d37d2-FRA

GET
H3 200 security-week.css
www.securityweek.com/wp-content/plugins/securityweek/assets/css/ 1019 B
919 B 26ms
24ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/securityweek/assets/css/security-week.css?ver=1.3.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24ca94366d2777c45544e38e8592d63ee8fcc89b406bc3fe717a514512508a85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545261
cf-polished: origSize=1077
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-435"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7G5G8TSvaICtqUdOIC3iZX1NoEU5PQC9io0Xo8hjfmg28%2Bth1%2FEWYPwcjNZ9f88vZ5UjRzz2SB7SWp5WG7pR%2F9Wwz7iJmVX1iGySmSjBV2CB7kQNOi3bDoGgQxMqmSg%2BcjQxR0%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d4e37d2-FRA

GET
H3 200 font-theme.css
www.securityweek.com/wp-content/plugins/theia-post-slider/css/ 2 KB
1 KB 39ms
36ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/css/font-theme.css?ver=1.15.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d5bf3f8dc9d9dcd608393de3bd8afbeedd5077039b595aaba4529064dbcbe89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504522
cf-polished: origSize=3030
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:27 GMT
server: cloudflare
etag: W/"63cf858f-bd6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FnCG%2FHqTFaPFzs56Xwds%2BYgzyNFm7eZRxbGoL06Fz1VtkK253g7nBX%2BYsyy%2FjJ6s8SIY6W3mNibd6aDZdQVWXSYnB8HWq6m2QDgO2DJLi7vIBQogB%2F9CViMfWPbWl0U5hY8UwaU3WPGJEGrRR0WoolS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d5037d2-FRA

GET
H3 200 style.css
www.securityweek.com/wp-content/plugins/theia-post-slider/fonts/ 4 KB
1 KB 28ms
25ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/fonts/style.css?ver=1.15.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67e380395b14a5ac48faabd1838b4e6fd75b01682364f987dc8948975838837c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7925113
cf-polished: origSize=4566
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-11d6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sE3YDwKlcfrKAlNiNZWzES63i0jUETwjvQvpAXmvMzqTYY%2FSQQShIV%2FKNlk0iF7d37tJn8rMF0MTV206JoEEeAJTgWaMuaVBghF0eEgMM595Sw3Strqye10MRR0iiWzRJKrtiIHa47lMyDv6M3WN3Pm5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d5137d2-FRA

GET
H3 200 dashicons.min.css
www.securityweek.com/wp-includes/css/ 58 KB
35 KB 31ms
28ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/css/dashicons.min.css?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 545261
etag: W/"63cf8582-e688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mBPPR0hOmoI53QsvLM0d3DXfjTiaOrKEX9umEkDygtdF63Xa4idcOtWXxStOcE0J8Q2Fv2fB6p3neCKGScH3tpuxbNGed5KtgBtvg2lKZ5cgdZPqmeZACp7LG85WUa%2F%2Bs78pwtW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d5237d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-ui-dialog.min.css
www.securityweek.com/wp-includes/css/ 4 KB
2 KB 40ms
38ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/css/jquery-ui-dialog.min.css?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 643e504c5417068283c7ba2a2e348b0f6c12da9e7b328470424453466d69efa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2461916
etag: W/"63cf8582-11c4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVBymsQjvIdeebXWNs3rA%2FOLHu%2BFjqsUmG53YJbRpzp%2FTYqjed2Hm8gmp1nUPpu1YR2BkAgksmHjD3nJOSLoblSqd7DigMoYEEWsEOVjLTKN3%2BXS9sO85fSKVLm209hUM38Sy%2Fo%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d5337d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 phone-picker.css
www.securityweek.com/wp-content/plugins/wp-2fa-premium/extensions/authy/assets/css/ 19 KB
3 KB 41ms
39ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/wp-2fa-premium/extensions/authy/assets/css/phone-picker.css?ver=2.3.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91bbc128851e65442a70a7e12e55068d75d7e9b0514c5c9cb7c15fe770cf8899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7925113
cf-polished: origSize=27551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:20 GMT
server: cloudflare
etag: W/"63cf8588-6b9f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F80e7FIwS9N7gl59JjxAlQtcg%2FQvRrCWuM0af6bMfUJ44dIm9DM5eYcbIvCfGhXE%2BQhItOf5NdD5WxPcP2ZRE%2FC3CvdeiGsm6si4s1%2B2gKjCt%2BtnjXtZjcJvqZgXY%2BOYmyCRduWWJmgnoIg8f3tiZ6Mu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d5537d2-FRA

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 36 KB
9 KB 69ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css?ver=6.2

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8422
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 22:52:04 GMT

GET
H3 200 photoswipe.css
www.securityweek.com/wp-content/plugins/reviewer/public/assets/css/ 10 KB
3 KB 41ms
39ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/css/photoswipe.css?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee5d15d9b1f5bfa5869678f288b9e829239f719ec5cb4ff8345979eb9001870c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7925113
cf-polished: origSize=10017
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-2721"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMWw37%2F7hdKynj3TjOv1hTojVceFWrgPXNmzKV43uHYy%2F1CCvPgy0Pp1oPjC%2B9dnCZRsAnJ4XB9AjBBa3f4Sa%2BOeWGLbHJpZVO836okb2wBNHKTg2VT%2BQVI2OyYaRYRHKhSVQioi7YlBihNIeRxaRlte"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d5637d2-FRA

GET
H3 200 reviewer-public.css
www.securityweek.com/wp-content/plugins/reviewer/public/assets/css/ 133 KB
13 KB 42ms
39ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/css/reviewer-public.css?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6a6ecd56ebd86c4bf8099f38d4acebb360dce6b8ed3b8beebf34e9845510033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7925113
cf-polished: origSize=135802
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:26 GMT
server: cloudflare
etag: W/"63cf858e-2127a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feIyMNaiBjZ%2FjfnInEAWYaf%2FhFJ7svM7O4iGv%2BBm2OGVv647vQl0BObfW2iZ543WEWs%2FvgZ0hIq%2F5w52IxIBqzSIzRXEd15FokkQ5o9IZbFkpYW4Gl8YG01L2O4CsoObgM3qetqqx5REiH1VYo5UM0yP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d5837d2-FRA

GET
H3 200 wpp.css
www.securityweek.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 438 B
751 B 45ms
43ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.1.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 546585
cf-polished: origSize=1672
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:24 GMT
server: cloudflare
etag: W/"63cf858c-688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRA2zdVLYuk26YqxU3nlq4PYkYgxNCV03bwNu0ctzvAuhKeZel7NLM1MwJyXemlMlLjp%2B32jLJRFmxhPvYT0%2BGHObT2mQTqTlPPRcwQB0%2B3QNuiaRj7DdUDtWwqEZ8A%2FyhKQQmeP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d5937d2-FRA

GET
H3 200 style.css
www.securityweek.com/wp-content/themes/zoxpress/ 147 KB
26 KB 46ms
43ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/style.css?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0803977e647dbdb41c98b4318386f697591604f184a59fcafec52ffba1f6bdef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2461916
cf-polished: origSize=184235
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: W/"63cf8587-2cfab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhtDgqckj4wUaX3NxHGIdvJ3UJwnLb1CGu0jegHt7wHyKYfeAdXXBZyaBHLPX%2FzKakWadXB9rzoDutUz0S4Xjae1T0AJZZ8ROyq%2FlXEJrgm3vfMsdH4y33I%2FXJSj8SNcYheX%2Fc6e"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d5b37d2-FRA

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
12 KB 35ms
15ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: J7XMRZHM77QVEHZZ
age: 354886
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: sv5mkJ+J/l1Nk+vaaB4+s5DYLnoh4Zf8DfmT5UZqjg1SF+9ATaNIvv1clF2AyEshjwlLl05SUBg=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxwwJNW6RerOy%2BXi9LZQxl7F2Aa4qzFpQFDd%2B8tY2PCHQLNumvSh4woEGy81HozzeuS%2FtQc%2Fse2TrobVO4x%2FS6vwGgze8kTnYsvNjOn5NKEkXjIu%2FU9dgGkmu6JASjM3WYZUafSHF7qny3laAGUi3%2FSX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7c1b90f62e8718f7-FRA

GET
H3 200 style.css
www.securityweek.com/wp-content/themes/zoxpress-child/ 20 KB
5 KB 47ms
45ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/style.css?ver=1.0.22
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac21f306d6e92ea70d7e771b3f34e2ac02fd04959e9ae585b90f3ddbad08b6c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6518555
cf-polished: origSize=24081
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 17 Feb 2023 10:26:23 GMT
server: cloudflare
etag: W/"63ef564f-5e11"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGEQ%2BR93DS1dwQ69mnoUwRXYtegEqIAXLRuGtj0h0toMvdqD5Wf4DbdHkdWuPnDkHSoZwfCDF%2BgqjX0dgnzYZEd41gzA3Z5xcKJRpmY%2Fs1msgZPFEGHpL1kD0tgdzyTm02JAxVfz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d5c37d2-FRA

GET
H3 200 all.css
www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/ 58 KB
13 KB 47ms
45ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 989934f975edb65dc96fce979cc86bf8d5a9453e6113df99622609381ce175d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 546585
cf-polished: origSize=73577
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: W/"63cf8587-11f69"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDLcbNJ55KzMJKKPQoqtnMYHhceuvecOoL6iVN5K3WDF3t26MupPhwFyE%2FPM%2Biuq0y87N7wNjS1xn6kczBAhrhFVQYkChxfeHcgvKhTyS1wAM%2F%2Fa%2FhI%2FYAvbCAmiuGU9AEjArS7F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d5d37d2-FRA

GET
H2 200 css
fonts.googleapis.com/ 176 KB
6 KB 90ms
40ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CTitillium+Web%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CBarlow+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f237806964c3aa6317cc801d4f166fd4a98cd79b29cf1a9e3ffd8177bd1595f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 May 2023 21:23:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 May 2023 21:23:38 GMT

GET
H3 200 media-queries.css
www.securityweek.com/wp-content/themes/zoxpress/css/ 139 KB
12 KB 47ms
45ms Stylesheet
text/css 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/css/media-queries.css?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec99dd07af5b4a5e3b072e941d355bdbfa1db688555cd4100ab61caa2b0bc25d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2461916
cf-polished: origSize=180354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: W/"63cf8587-2c082"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NF5iu3kwO1oNAW7%2BEDOZv4yuZQ3Q8LRY8C4Vi48Ck9R7j8myhwPGkb1Y5bG7CK98f7uPTkj20zPUcUv3eY9Cd1Hb7M1bI2PwxilWgbYSd6y9KHfskVnbJniBFMkOB%2BvjWJt%2F5IEB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f60d5f37d2-FRA

GET
H3 200 SecurityWeek-Small-Dark.png
www.securityweek.com/wp-content/uploads/2022/04/ 10 KB
10 KB 25ms
24ms Image
image/png 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/04/SecurityWeek-Small-Dark.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbf7c9bddb9ee180560fa0a36e9d0713aeb6357dd8f79ee9ab31bb9246655136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924448
cf-polished: origSize=13020
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10019
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-32dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLP%2BMcDXgout%2BH6x9hfsfex70Wn%2BbQPE2zDRY2JLwUaSpJRVcw5%2FwVrQlKT67cjsrHyV9YriQJHveKQHLW9D55RNaLmepCwYMsuKrDVej05%2FiiwtDBHIdC2efd%2BxAnwEt%2FF1p7NF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f67da637d2-FRA

GET
H3 200 SecurityWeek_Dark_News.png
www.securityweek.com/wp-content/uploads/2022/01/ 22 KB
22 KB 25ms
23ms Image
image/png 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/01/SecurityWeek_Dark_News.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22bb1253ebf8405c69bdf9d628ab472e02e1f6a06d3eb07bd171494f6c3b6aea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924447
cf-polished: origSize=30005
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22149
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-7535"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9rHtJdaQNB%2B14leGwLw36xW46yv8kPX3DONNpkFgaOb%2FM3cqdco%2FTgDFP%2FsZn1rBi0eYd0ZgLHw57mPPJ1uWbdEGZqY4PXBuCJf23JJhMlm4hboVsuWs%2Fxz%2FKFY1bmqznZgN84y"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f67da837d2-FRA

GET
H3 200 SecurityWeek_Dark-Small.png
www.securityweek.com/wp-content/uploads/2022/01/ 10 KB
10 KB 23ms
22ms Image
image/png 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/01/SecurityWeek_Dark-Small.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbf7c9bddb9ee180560fa0a36e9d0713aeb6357dd8f79ee9ab31bb9246655136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7709926
cf-polished: origSize=13020
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10019
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-32dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ot7wCz%2FemzgMADwcZSbdxvuwJUVSdkxLt1TSSVf4WmhUwaCemVzpr8vZtigk1Nic2g%2BiX4xwb3LTjvH8LG9FqopqqjJoPylSmI8KrMxqxt0BtJGDFL5JrgihJn7oFo8y1NAugjN6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f67daa37d2-FRA

GET
H3 200 APT38_targets.png
www.securityweek.com/sites/default/files/images/ 279 KB
280 KB 898ms
897ms Image
image/png 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/default/files/images/APT38_targets.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e592c6b2e3819e7031fe3de8cc419d76860debb304aacc26c5c8f44c23c7f990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:39 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Jan 2023 07:15:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63cf8598-45d88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bz8GcPJ11AEOZyec32fGzryFU2oYLxGg5xo6I8%2FGGue5LmDJfdgTyQvziZ32rS9e1Ie7QBS22iNGp0pVkG3kwPq9n1n%2BHJqHuhMJ7MUWSkpDpDSoYrl7MVPT4KTUsayU%2Bv5sqKxB177OJM%2BalEPq8rET"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f67dad37d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 286088

GET
H3 200 email-decode.min.js Show response
www.securityweek.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
835 B 12ms
11ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.securityweek.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 28 Apr 2023 14:11:40 GMT
server: cloudflare
etag: W/"644bd41c-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7c1b90f67da537d2-FRA
expires: Fri, 05 May 2023 21:23:38 GMT

GET
H3 200 SecurityWeek-Small-Dark@2x.png
www.securityweek.com/wp-content/uploads/2022/04/ 22 KB
22 KB 25ms
24ms Image
image/png 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/04/SecurityWeek-Small-Dark@2x.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22bb1253ebf8405c69bdf9d628ab472e02e1f6a06d3eb07bd171494f6c3b6aea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924447
cf-polished: origSize=30005
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22149
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-7535"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vE6B6giiKxHfKPlgt95if3ttdCf1wULkWrnmBhTmMiboQOUanjanHo%2B1ACHzDUOEZ%2F3tf2e%2B10PvLhSqeWyaMaRVb4XRojAWk4b85Y%2B8JtN1CIrgOeszQZwhaide9BpL5nchNDp9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f67dae37d2-FRA

GET
H3 200 rocket-loader.min.js Show response
www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 28 Apr 2023 14:11:40 GMT
server: cloudflare
etag: W/"644bd41c-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7c1b90f67daf37d2-FRA
expires: Fri, 05 May 2023 21:23:38 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 65ms
43ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.securityweek.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c1b90f69bac2bdd-FRA

GET
H3 200 gTSU7w8TKow-r0zxLGZWiDD2jUk.js Show response
www.securityweek.com/cdn-cgi/apps/body/ 970 B
859 B 27ms
26ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/cdn-cgi/apps/body/gTSU7w8TKow-r0zxLGZWiDD2jUk.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/apps/head/uF-Ze7WAyjEpzP032WXyUupeXAE.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e504e9f649813734dd00f332c49ad8a7b96929b4ee751f8b69c87599c98d23dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
x-amz-version-id: tNf5oRoDTPzXxeaDfZtDqkmajaCc93wv
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 16:30:30 GMT
server: cloudflare
x-amz-request-id: PZ104WZZJBSQ3BF6
age: 544234
etag: W/"869fcc0499df4fef1fa9d1cd8e1d641e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c1b90f67db037d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: AG9lI2zw9RbmXgws1NpVe8Ww0X+TJfQ6HXrVn/LmIich8QkONzWAn5iWwcoKNT36j+iYirrlgd8=

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 52ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CTitillium+Web%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CBarlow+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:13:59 GMT
x-content-type-options: nosniff
age: 342579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 22:13:59 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
18 KB 63ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:27:48 GMT
x-content-type-options: nosniff
age: 100550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18232
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2024 17:27:48 GMT

GET
H3 200 fa-brands-400.woff2
www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/webfonts/ 75 KB
75 KB 20ms
20ms Font
font/woff2 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 544234
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: "63cf8587-12bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjbdweTx%2F%2FC9GYJhBcpQy9vQTKIHU6DK8zakrQptlcdnuXljWxhB%2FztIzFNeXtPiMh2Vnu0%2FNdzM3YEcezavnw6CWjP%2BLtkscZ6kP4spd%2B%2Bp48Zd4pk8d0LG1RhU3XA10mUpuraz"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f6de0037d2-FRA

GET
H3 200 fa-solid-900.woff2
www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/webfonts/ 76 KB
77 KB 22ms
20ms Font
font/woff2 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: "63cf8587-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EicR9TcV66eyTFvAEhTt2Eb%2Fl4ybyvgW0d1Pkf6Yt0u4AhaQQAYIzH0dH8GiwCriErbIkzWOGXC0tVmjxhiB7JRTpyjLm2Mr82ZIakzOe%2BuFPs2mF%2BLyvjF2XOijyfiuylwWliXa"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f6de0237d2-FRA

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 67ms
30ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 07:29:38 GMT
x-content-type-options: nosniff
age: 482040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11796
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 07:29:38 GMT

GET
H3 200 fa-regular-400.woff2
www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/webfonts/ 13 KB
13 KB 26ms
25ms Font
font/woff2 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/webfonts/fa-regular-400.woff2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

Referer: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13224
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: "63cf8587-33a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbAqstsrAM%2Bq3cIxhp9%2FIw8%2F6lo3bauN4JKHzZ0iIRNBaDEo%2B0PZU2JX7uU6iweYdD64A2%2FsdTCRA6E0gTTkBdSKDwviHbrWk3HY9ELswmA9%2F%2F0IQSRj97EcoRx%2B9FzKykoXSMIL"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f6de0437d2-FRA

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 70ms
34ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 05:53:30 GMT
x-content-type-options: nosniff
age: 487808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12372
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 05:53:30 GMT

GET
H3 200 picture-106.jpg
www.securityweek.com/wp-content/uploads/2022/04/ 40 KB
40 KB 21ms
21ms Image
image/jpeg 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/04/picture-106.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c901e4c09c6bc073c66983e5740b7769d3ff9f40c8018caafe08ddd625fc41df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7916607
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40723
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-9f13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTUOqU6xtIrmoSPhVWq4G9ivTlTh7mLwzCzsU%2F25PHInHEX%2FZyrTJdkNyPSvrM48BkTWK6QqrDYOQXIPnzy2N13A%2FJnHUs7qJ8maNLLNJnl7Qsh16RUuVW5nIPNv5p%2FzLwK2cflY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f6fe2037d2-FRA

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 10 KB
10 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e59456a560f58d0b6b7934bfc06e0b2faee5d61e2bdb10eef541dd66bfebe0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 10:37:15 GMT
x-content-type-options: nosniff
age: 384383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10444
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 10:37:15 GMT

GET
H2 200 HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 20 KB
20 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:41:21 GMT
x-content-type-options: nosniff
age: 340937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20200
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:28:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 22:41:21 GMT

GET
H3 200 Matt-Wilson_Netography.jpg
www.securityweek.com/wp-content/uploads/2023/01/ 37 KB
37 KB 47ms
29ms Image
image/jpeg 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2023/01/Matt-Wilson_Netography.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8dbf228fd3b96810997d6d3e8b9e55e4b183cf9e3c8abe9407fcf1ad58a6979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7925178
cf-polished: origSize=40707
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37815
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2023 01:45:27 GMT
server: cloudflare
etag: "63d872b7-9f03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6t7CezXakYl2gSZI1gRI1hV3BloYmygnFPrUjEs0WppOfenC8zAlGMK0tBqqqlrg05qZDIggfGHv%2Bi1CIOCSDqltBSeu%2F4hKvESAB3ktOAAeyM%2BnZImimJd3nOFz138ejgP9eihx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f77e9737d2-FRA

GET
H3 200 Oliver-Rochford.jpeg
www.securityweek.com/wp-content/uploads/2023/04/ 44 KB
44 KB 48ms
29ms Image
image/jpeg 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2023/04/Oliver-Rochford.jpeg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a4630a6958a0f1f9c6d0edb7ec416432ab81b4cdb90d6fb98df76c54356a2f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 631027
cf-polished: origSize=46538
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44939
cf-bgj: imgq:100,h2pri
last-modified: Tue, 25 Apr 2023 10:03:52 GMT
server: cloudflare
etag: "6447a588-b5ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvUQbVKvbnjYU1SpQt3WyiY1IQcMI4T5FpSEn8H%2F8LByt9xte2Ay%2B5D%2Fq8I%2BqX%2FA4k5ll80HpQRWyp6jtjfw6YX6vLGLU1iYmZ3JnnEwT9usm5c5Lv8Y0pnngfN1OUzkHRg81jR8qiMYEtS461E4sHTG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f77e9937d2-FRA

GET
H3 200 Josh-Goldfarb-F5.jpeg
www.securityweek.com/wp-content/uploads/2022/04/ 48 KB
49 KB 58ms
40ms Image
image/jpeg 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/04/Josh-Goldfarb-F5.jpeg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f84d0f2e23ebc9a3110529d50b9f83e99068e754b20c81ff8fcf7f078503aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3061319
cf-polished: origSize=53022
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49605
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-cf1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FflCzi7FhiLEwIfjdrmsq00VicreRu0kc4uLCNaYHhuiH%2Bl4va19p6uZgpd%2FL%2FT3OSOXqSu9Fseiwg7Y4%2F6he0T6FeME3GVGVh3%2F38WhHqnnDqm26y13zdYuA0gy7jwQv7bX2rJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f77e9a37d2-FRA

GET
H3 200 Marc-Solomon_Bio.jpeg
www.securityweek.com/wp-content/uploads/2022/04/ 18 KB
19 KB 64ms
46ms Image
image/jpeg 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/04/Marc-Solomon_Bio.jpeg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36380ba65c78f1e8a6ee7fd115d7053e7e0ba33f4a5fa1c79d05042fc5db85b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545987
cf-polished: origSize=19258
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18824
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-4b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTvRYBMYwi4CeuHqxySDTmXVybe7osHcoviQiOeh4Ezl%2Bh4jWMOOLEbJUB8gR4rRpg8Un2YkW8JIcwcsvfWSksCDICry60%2FSlUcntE1bKSB4UAPNYlJJm4v65jR9ED1z%2FErSL9wy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f77e9b37d2-FRA

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 19 KB
7 KB 87ms
56ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c1b90f78a93bbb5-FRA

GET
H3 200 lozad.min.js Show response
www.securityweek.com/wp-content/themes/zoxpress/js/ 3 KB
2 KB 44ms
28ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/js/lozad.min.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7924455
etag: W/"63cf8587-c17"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPTehYaXtyDhFjYYj2%2BRybitSoiwOZu8Egg%2BznEROnshmHnFqVu4pUSqGcFkcGxV6Se%2FisBmtFOPzWIIOHbxWcLcsA3EvRkPeRfKwit62bPLu83jnrhyjw7SPkF8F7wrCL4OKwy%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77e9c37d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 intersection-observer.js Show response
www.securityweek.com/wp-content/themes/zoxpress/js/ 10 KB
3 KB 51ms
35ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/js/intersection-observer.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e71d11284fe33d09fe11d031d1517b0383750bc5dba2faf77e87f42a609a1b68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924455
cf-polished: origSize=22304
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: W/"63cf8587-5720"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqWviEMI21lwIIBGMxtsE6LA8pl2K6aQE2Kc2lX8bmnuI8%2FAnBcWZoOG42je1WRnuJE1MIOtF469x%2Fk%2F3oHYWRBxRUNaXgjhMm6Cq%2B5meOw0cHxo1lUWOkCfEsVmjSgLnPbw6JhP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77e9d37d2-FRA

GET
H3 200 comment-reply.min.js Show response
www.securityweek.com/wp-includes/js/ 3 KB
2 KB 53ms
37ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/comment-reply.min.js?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2461916
etag: W/"63cf8581-ba5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwGndJHMLbxyt%2BKn6OgLgpheskHLpAkt7464Whb3NyUM1HK7gbiqFGTXIB6RDFEPKfAA7u2UroxWIeDwWTbyYi73Ui%2BbpFzWavOByqzLWahdHkW4DNNiK6bIBnuIOBrStwTQ0WfH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77e9e37d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.infinitescroll.min.js Show response
www.securityweek.com/wp-content/themes/zoxpress/js/ 21 KB
12 KB 53ms
37ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/js/jquery.infinitescroll.min.js?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2461916
etag: W/"63cf8587-54c9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5IMnVRMDF3A2%2BItnlzscUnW%2F%2Fb2WAnT5SD0bhNetXUQr7zOvl%2FWxUHFnQ6GhUyC4JZEc87X0D4Po7jrvRk9ZgnrcKEQHri85ovyytus6FhFO1Tvq8PmfLAUOMKUdib1lyFA%2B5y%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ea037d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 retina.js Show response
www.securityweek.com/wp-content/themes/zoxpress/js/ 2 KB
1 KB 63ms
47ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/js/retina.js?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6d935c5494a7d6121e463f319ac4882f805d38989d6dac70ec84a29a203d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2461916
cf-polished: origSize=3104
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: W/"63cf8587-c20"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCy0kGqQyXfPc9Vhr9uG1gzu9XJPW56b14fGw58IMvpCzc%2BIcPKnVoWerTeKlyZn6JJtW5gKS7lC3t3BhVNRkb0y8z4mNdRyBLhZ4URSsHAOQv9BrcVSGh4cAG9i5vZWGD5a5sZ8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ea237d2-FRA

GET
H3 200 scripts.js Show response
www.securityweek.com/wp-content/themes/zoxpress/js/ 73 KB
19 KB 63ms
48ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/js/scripts.js?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37f724a365094e5859ef50dba7afe3764412c6cc9931a8abd7d9dc85751fd881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2461916
cf-polished: origSize=113963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: W/"63cf8587-1bd2b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sxw%2B8vmk8e5%2BZomT%2Fm%2FveuHJsuf%2Fm%2BOeSpvDppTIVFX8nO8AgJJQAfXY%2B1HUXsnnReDtRHbj%2FGTruuNQx1mWGa%2FyzauThgaWOqY2MpwJKb40unWcRSDLmC%2FZRsihxic14dXw8V%2BE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ea337d2-FRA

GET
H3 200 zoxcustom.js Show response
www.securityweek.com/wp-content/themes/zoxpress/js/ 0
466 B 50ms
35ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/js/zoxcustom.js?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2461916
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: "63cf8587-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2trGOpoZJl8j%2Bf6FQkBhPEa2Qg2iAbl8ElFZzk%2BKnAWfkWo3yNCeZmcudZU3nfTabhzUtJ606cKLK3xyXLbPKVxk2sBgsWpJtv07UMzjI%2B0Qbsf3zOOJ%2Bsx%2B4n2xsSAW8x6WubhQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f77ea437d2-FRA

GET
H3 200 reviewer-widget-users-reviews.js Show response
www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/ 90 KB
33 KB 65ms
50ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/reviewer-widget-users-reviews.js?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a9929c39f7b0020a343a7cd3685ae547fba1f21596f7982ed2c1ded802be03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504520
cf-polished: origSize=92382
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:26 GMT
server: cloudflare
etag: W/"63cf858e-168de"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhgBUgYwc%2Fn8W2ejVqsEMZX6bb5nnMFAaJjhCcGg2YhT%2Bmt0gWoqjFYCm2IrIptUBRiBfqQhahhC3gFLsnYl7jiQm4lzYcMDF1woiN5bagzThY8WKOAwMFZReCRdJOW%2FiqBAcb8N49jZ%2B5NQubehzu7Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ea537d2-FRA

GET
H3 200 reviewer-reviews-boxes.js Show response
www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/ 131 KB
44 KB 66ms
51ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/reviewer-reviews-boxes.js?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b1517dc148ec4fdcceacae881103ffa7e54e74c32c7dcde5cdc9826ea735de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 544234
cf-polished: origSize=134499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:26 GMT
server: cloudflare
etag: W/"63cf858e-20d63"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMNBiMK86pEFQJzbD%2BOKbvaonV5F8hUQPuLtdV%2BijWpRsbw0FcIDMSU4AZwfUw4hdxNhlVkowpvGN2FoSNR%2FAvFcKj3QykCaw9Msjn3y28ZgJ0i9L04Uh7jlYMrbS6kUe71iUp5O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ea637d2-FRA

GET
H3 200 reviewer.public.min.js Show response
www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/ 4 KB
2 KB 53ms
38ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/reviewer.public.min.js?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cd14927179cd88891fae3057a4ce4a7cf499af73f65c3b2e83f32e1598c0288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7924455
etag: W/"63cf858d-e80"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qd56iDyuMlhK2qc%2F3fhqpY7gPPlNCSDtJJBl1OtUHgBX0tq8WhIULiiXO6GgeCv7DY71I%2F8CZRuxaRDGfBQY%2B%2BGXWhnTnVvi1R0U5PLohMpbfkjIy%2Bz1CTJK5GwKjJrnz8R%2F6YxK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ea737d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.knob.js Show response
www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/ 11 KB
4 KB 72ms
58ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/jquery.knob.js?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83f279ffab2866365df78e9244339e46d7752b13e43db75ca5200f9a0ec07e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924455
cf-polished: origSize=24920
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-6158"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMOOcVWc1X1UoFE54ZIagYjaHvOiWGXIQzfSXzG9nIr5GL8BwiJ0%2F18asmldXxNfxbc%2F1o1Ox%2BRywZfrFlX9WbG7EH7dRlb3hy%2BZOyjpQO904tP%2Fp1vSVIPGCJ%2FlbAUrn4Fvns%2Bs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ea837d2-FRA

GET
H3 200 photoswipe.js Show response
www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/ 40 KB
16 KB 73ms
58ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/photoswipe.js?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf01342c724e6c0d84e911d3451b078576a3208c7300378ef80138089e6d79e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924455
cf-polished: origSize=41387
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-a1ab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFvDpXRwq4oFu%2Bf9omJEDnNLBgVNtSXTDFQ8G1xSPDXYeAC2vEARspJjOMOAQUbSgsJNfS1nvpgsbycaCibUlTxl1l5fOt%2Fsb0OSdxK7izJUpX9fnNOF2sUTIv%2FCWkWbCmdgSzoQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ea937d2-FRA

GET
H3 200 jquery.nouislider.all.min.js Show response
www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/ 18 KB
7 KB 49ms
35ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/jquery.nouislider.all.min.js?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbf94e5438333ae008e9b742cf1dd74dd310f7385ebe6f9ef4fdc82976de34a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7924455
etag: W/"63cf858d-466e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIDpA65Ti1BHz9fBVTp1sEWcpG2Xcfl8LQh%2Fw2%2BfL4GCX3%2B8xh6ZxNRkJml7XJhBBzvD0IMJsMZ%2B8b3mS3%2F%2BIoGLNGb4FPcsoFJGq%2FOTjiMU726zkOXVe3Czr77BIa%2FYOS3vPKn6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eaa37d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.waypoints.min.js Show response
www.securityweek.com/wp-content/plugins/zoxpress-plugin//scripts/ 10 KB
4 KB 51ms
37ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/zoxpress-plugin//scripts/jquery.waypoints.min.js?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2461916
etag: W/"63cf8587-28ee"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KvWwjBULc%2B%2F1LlXr7LK4K75TKYjTCAuXhdGV6aFAoKHAF%2FHSrjyXFQbXJPE4f5xBmjkP0T8D0hrfDb%2FYGdUUPh9jML4Oyvs8Gj1EWDldF754fyE6IvZ9OY5p4s5wfXLfnHQ8wcT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eab37d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.sticky-kit.min.js Show response
www.securityweek.com/wp-content/plugins/zoxpress-plugin//scripts/ 3 KB
2 KB 86ms
71ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/zoxpress-plugin//scripts/jquery.sticky-kit.min.js?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2461916
etag: W/"63cf8587-aee"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIYZnFzn3xPRv3jFPusOHCbf8qtkchxSdgeuMRCuQOj7JzQtJynmdv1JSKYoOMmEhIrwSI%2BPiFjdVgMxtH6H7DlzNqy9%2FmYzr9T816En0Sl2S0uIwHNeVkscB%2FAc5%2BL5nHjaR3W7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eac37d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 authy.js Show response
www.securityweek.com/wp-content/plugins/wp-2fa-premium/extensions/authy/assets/js/ 6 KB
3 KB 86ms
72ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/wp-2fa-premium/extensions/authy/assets/js/authy.js?ver=2.3.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7b4f4c6aced0be2cc9004285b53f58cf62f74012a321e86938f12719fe1113a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924455
cf-polished: origSize=8883
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:20 GMT
server: cloudflare
etag: W/"63cf8588-22b3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIqLh%2FP2BMKdqeek17I%2FEQBHfq1W0o%2FV4TYq2oZZ0hHEfq8dStNKJCHVj1%2B72gi6zsBK%2BLu468spbfakJFWkPb5VQ2HD6wXfgt9dR0pq72JjCaTCMTuY%2BqjY8CWoi5Kamc15WiHk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eae37d2-FRA

GET
H3 200 intlTelInput-jquery.js Show response
www.securityweek.com/wp-content/plugins/wp-2fa-premium/extensions/authy/assets/js/ 42 KB
14 KB 86ms
72ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/wp-2fa-premium/extensions/authy/assets/js/intlTelInput-jquery.js?ver=2.3.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e423a106197def7cbfe1ae2142caf48a39478ddfd3e4e81b7cb033db5bea3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924455
cf-polished: origSize=85819
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:20 GMT
server: cloudflare
etag: W/"63cf8588-14f3b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDgNJYRRLFHx8LNBoPTYu6bxjLNFyYpoFagY%2BfZh5Qw5dmfb0VzfuonfHgd5uBGhMLXQHSSKAYzmh5qGMXY8QEYbE%2F%2BQuxIax5ewo93%2BxIpaRGxqjf7lmYc%2F5kTdaANgOQgc1NU1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eaf37d2-FRA

GET
H3 200 dialog.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 13 KB
4 KB 87ms
73ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afa9c32be463f8f904da58a52ffdd8e60d68273959cae633bd89efbb27fa5b64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7924456
etag: W/"63cf8581-329f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CPE7O12pl9EzqbjcdykSRJ0Fa2fMlgGd3rxST%2F5VIAL16uXii3YdP7CpT1%2FzlSAgzBDdDo%2F59ur2%2FwYedgXEBXKp%2BivfohVYMJ2qRpz07H0TKfj1ORgqHW%2FDn3F6jx8EBsYzRkS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eb037d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 button.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 6 KB
2 KB 88ms
74ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/button.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e7e1df5aa596aa4afbf50374723963b66d3c94348d1410f2256d4aa86ddbaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 498901
etag: W/"642d3aad-17f8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LCSQ9iNaWMB7NHDJV3vgY19UwNvE2jvkMu3NpLFG71hwAgbYYw4phaTbJtOmsvQR1%2BF%2BMchXcHsFsO3jFBdrcSmszRUPMiSga%2B2h%2Ba8wAdZvh7vupFND9C6kbiloAzs4EWJ5Czy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eb137d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 checkboxradio.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 88ms
73ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2f925db6119917230e885b016055a6a324d33b10585d5c7f106665ec157754e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 544233
etag: W/"63cf8581-10d5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmrAN%2FfwL7%2FZTP60KApiRfrjwrTjWcFPfIKrSGNTv5MxXzBMcTy9uu3xuHwC3CYFE%2BINOAfpSf6CUE9yc3iz5QnxKVtn1AHR0VDMTP9THdBjHmdYG3VUrX%2FrHBwlrpDae5TUc39n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eb237d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 controlgroup.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 89ms
74ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da343c70bf28bee6a1a9238dd5147b190b675a523e525e9a52b2bd9aaf48e4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 547355
etag: W/"63cf8581-1126"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsXRRPRFoAM0wbdFjQZSHJUno9%2BcRo7Q%2FEx%2FyQJdByv5sSf%2BvfehyWf27q76111vNfRRJOmaYu1pJMGR3z8roY0AGjRcJs08tQLv0x%2Br0o3mEZLtutf8lGOjgxR4mb8nTvft2qsj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eb337d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 draggable.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 18 KB
5 KB 89ms
74ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5db554f7ae65713d70fd359a046d051dada869941279557a39d0749beded33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 544233
etag: W/"642d3aad-4791"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpsOVYMN4EGnCc%2B%2FZZUtcdYN9eC1FssNyCFjaKTKPt8Fr6Up9BHHqDq1zHAg1UGvmEvpMO1hjBkPTS00sLGtD1Hb0YvdC4fyg3N8AIyllCzQZn8jbhZFhBvVhU4i02YzXiNYs%2BLA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eb437d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 resizable.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 18 KB
6 KB 101ms
86ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 706e4d8669d29a9e13cfb13a59b6c1341ec80a08c9c10eaa465756366006f327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7924455
etag: W/"63cf8581-4911"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o07mx1MI94auBPtPVD375WuhQKWKb7P7We1qytdiP0ecfMXR3o4ygRj%2FwPdYONjodVGjJCd5y6Foiu7TsQ%2BcF4El1wh6X0ff6nHLEDnojlQ8FqwAtvvGXZtiq3%2BKFDjEQoiRNtK8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eb537d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mouse.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 3 KB
2 KB 108ms
93ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7924455
etag: W/"63cf8581-d4a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TKFTNMEQSOm280YOXcxj7UeBav29Ls7s%2By1M1pkLRN5SMFeWz7TAeBm4%2BRLrb17%2B7N%2B1cgiMJA0SFEbQSbmJmfGk%2Fg%2Be29xtPZKeLICbeeGArrGYo0V%2F7Sz0G%2FPzLs%2BcDjf8%2F7m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eb637d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 21 KB
8 KB 109ms
94ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 498901
etag: W/"642d3aad-53be"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muwvD0t2vFkKAv8PE%2BrKE1lE%2FEJ1M1%2FOjTTWwcJVlVZuyuv0onLisiWdg%2B9dyR4OMoKCiS2f9bQ95XaAlhrSTbkfxXvNJWLuBvH%2BW8srOk00FKM8s3fJP02c76lIH9COeQf9ePai"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eb737d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 main.js Show response
www.securityweek.com/wp-content/plugins/theia-sticky-sidebar/js/ 341 B
687 B 109ms
94ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7c860a1505343bc4dc80a473bfe23f625da447d71af4db67b529065295d5171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 544233
cf-polished: origSize=435
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-1b3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNabb16%2BAFBfTZ2mCvIKGv9K064I648Em6sQ0FtqRH1YFPp0teUoAZeg6JgtfSf2K0M5Incqc4odEPvgRbH4x7YaYU1M9GRvHbjyllc8LitdHHtKl1GMgS7LY%2FqzpTUf2oJDioOV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eb837d2-FRA

GET
H3 200 theia-sticky-sidebar.js Show response
www.securityweek.com/wp-content/plugins/theia-sticky-sidebar/js/ 7 KB
3 KB 109ms
95ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1ad56a192cfb796852af711e1326b02a9af338326a60fe291ca65fe8763ddda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924455
cf-polished: origSize=15926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:24 GMT
server: cloudflare
etag: W/"63cf858c-3e36"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToEv5aPsTrAkJFVHE92oOIKm1K65J5I2UdedEIKRpm9eTl8WnDgGM2amPPaS7iCJOeKXDwJTVhFiOf0Ho%2BHz0CWWw%2Bw6RAbGoeZwsdwexSymtf3sBUqIccyIvuLqVdeFyjURFO34"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eb937d2-FRA

GET
H3 200 ResizeSensor.js Show response
www.securityweek.com/wp-content/plugins/theia-sticky-sidebar/js/ 3 KB
2 KB 110ms
95ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb4bd4419d686ab440d7ceb2101dcd4155b4f18a12c99052a44fb503c349afed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924455
cf-polished: origSize=5955
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-1743"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66ez%2B35%2B71nMUYRA0Xdu6RqC%2FQ1qrojzwrIeue%2Fkfmm3FSvoBOqI7OzbJKDUFRX55ohBLMfK7eixymbB5JLf44nktJkWLd%2FMp8tabZ9d6XpgFZXWwRLfRaAmpHCZa1zeJYdZ0b1R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77eba37d2-FRA

GET
H3 200 security-week.js Show response
www.securityweek.com/wp-content/plugins/securityweek/assets/js/ 362 B
717 B 112ms
97ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/securityweek/assets/js/security-week.js?ver=1.3
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35fa213f71b954999771aef54be9c8a4c7d793353ea3f575cb116d00dd58f2b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924455
cf-polished: origSize=608
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-260"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4v0aHc55tm9WlhiTF1XCakgB00%2BQfEVCe2TK%2Fcq%2FtL2%2B5agWKz7m9tSNzh9YFEfc0UtgEplF%2BRBo7rF%2B01TOLIV2qirWwhxkRgd9hJeBPRdlJ33aHyrUX05oNZRdHwrfyVAZbCh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ebc37d2-FRA

GET
H2 200 5319632.js Show response
js.hs-scripts.com/ 1 KB
896 B 181ms
128ms Script
application/javascript 2606:4700::6812:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5319632.js?integration=WordPress&ver=10.1.16
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f571c328bd231ff14cd9c95370611470bbac73e21049be50798855c0321df307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 03 May 2023 20:53:44 GMT
server: cloudflare
x-hubspot-correlation-id: b19047a3-650d-4415-8617-950792c1c919
x-trace: 2B1938C550DE65900F9A99EB0B797389533AD41C06000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.securityweek.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7c1b90f7b9e61d90-FRA
expires: Wed, 03 May 2023 21:24:38 GMT

GET
H3 200 comment_embed.js Show response
www.securityweek.com/wp-content/plugins/disqus-comment-system/public/js/ 878 B
878 B 112ms
98ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.23
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 498901
cf-polished: origSize=1232
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 18:24:46 GMT
server: cloudflare
etag: W/"64481aee-4d0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbZgNG6sQTGP18Som6GyfrSi6tSVdnjsj%2B%2FM%2BMuogmofAKNEpDh9zGBtgwI1T9D7EyXXGlk2u3u7YNPe4kpPQN9FBp5fblpPYvf6%2BIUwXNOHT4%2FuD8CbvwtUZ7gyMr%2B4Jgc3KRds"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ebe37d2-FRA

GET
H3 200 comment_count.js Show response
www.securityweek.com/wp-content/plugins/disqus-comment-system/public/js/ 708 B
875 B 113ms
98ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.23
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 701643
cf-polished: origSize=889
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 18:24:46 GMT
server: cloudflare
etag: W/"64481aee-379"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfRZSEF7SnD1Egl72s28DGnxCqdtz0b3pgBfvCAIwvMmh7NH3uaZ%2BpshAZmxLi4z40e3veRUMQXA4Fca3q7ZxLmqDOU6w3hhX5O8PwSfqdN5ot8MaDSGD7khUjk86ju4vew2O1NR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ebf37d2-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
83 KB 98ms
25ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9QV8NZWNBC

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2fdcf2fbd7dda2f266495e01b4674118fee5cafab182b60f05cc9c0cf7af1536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84659
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 May 2023 21:23:38 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 209ms
91ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58f638229d16d32db54b5c1662f7984265ef130cf59d9dede54134ad308403dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24839
x-xss-protection: 0
server: cafe
etag: 24 / 19480 / m202304270101 / config-hash: 5356058142132348837
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 21:23:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
61 KB 98ms
25ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11590534-1

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e201396d9731753c710feaf9f81f1a5405b0650bd4dd9ffac1f8a0ac654808d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 62519
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 May 2023 21:23:38 GMT

GET
H3 200 wpp.min.js Show response
www.securityweek.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
2 KB 112ms
98ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7924455
etag: W/"63cf858c-bd7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzJuYuHSBykUrIPqU7UU1bq2LbeaezYwNj0txhTg%2B5HlRrOFDcu7un2NLSgKufV%2F2PzKSVr%2FG42yN6fXLZ17V2XMEKvmhcKv1LxeYWuNTSeTfvKDYTdrjPcdHqcy5QJ9xpQ%2Ffx6j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ec037d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 tps-transition-slide.js Show response
www.securityweek.com/wp-content/plugins/theia-post-slider/js/ 2 KB
1 KB 113ms
99ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/js/tps-transition-slide.js?ver=1.15.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f50b7e2dd83cfd38b606d2eb70bcb99dd4d4c462295db0baecaeabe7812e8f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 498901
cf-polished: origSize=3219
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-c93"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHqVdIzQZ1BDUTwDO%2FAnmM3nWkoc3bo05fhtiVn8Pq7DKUILPuzLsj9003DVI7XqnL6OPPqG3aFrLiDkXDOlVhabpD5mvG%2BskyVrDgqdUyTSLu7hFTBN6J4sK7mUP9jdK3KZaaOb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ec137d2-FRA

GET
H3 200 main.js Show response
www.securityweek.com/wp-content/plugins/theia-post-slider/js/ 707 B
834 B 113ms
99ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/js/main.js?ver=1.15.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2914edb33157588c8d440c36f1ea06652c133febd1719a344d79d078ec6c41a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7924455
cf-polished: origSize=1036
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-40c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFOPwB3WCBFD4mTa%2BZKcZnobDKib6a5InZFxlHUwJKN5gVlhGkfM%2F34j7Cu71EW2mA0VS%2BUMShu6e%2Bsd4HZHaURa6m%2FTZn41DSeWf%2BxbpmoNtSWqEUs9rM1q3CV%2FSBnAV8iJMeVV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ec337d2-FRA

GET
H3 200 tps.js Show response
www.securityweek.com/wp-content/plugins/theia-post-slider/js/ 17 KB
5 KB 113ms
100ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/js/tps.js?ver=1.15.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41514feeb38f4f3d0fcc41d00d04c744e0e534930b030ca6efc0eedb892022ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 499798
cf-polished: origSize=35644
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-8b3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRMkR%2B%2BETO4OyOkDBCuFsqloklPKWJGEbjlzWYeJG7WDM2a1Moy01%2B9aIGc6TRlGo89p0P56u5JMr5jC9JM6t9iAjc3x68ZG1PjuPA85Zl0o%2B74CZDS9j1OEr%2FumlV%2BXGKzBh%2FAiBd3W%2Ff52N1%2BKO6DC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ec437d2-FRA

GET
H3 200 async.min.js Show response
www.securityweek.com/wp-content/plugins/theia-post-slider/js/ 11 KB
4 KB 114ms
100ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/js/async.min.js?ver=14.09.2014
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42f8505b4b6d5476091672c8ebc27d1ed2b9d21a68890145135578a6737ef053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 504519
etag: W/"63cf858d-2c43"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKjeex0WQgG5b7%2BYGpK9OtJdnesiIVAml8dhzDx0SPzbn7myodsdpcJTgZFZz8uNLkdQXYPA7PnNRqZMfjhySsFmBCkK5A%2BxmB855KnCVZdTC5YrUFIxXtblq7C2baZTsz6u534%2BBbjdLVgl0bs0lr6Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ec537d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.history.js Show response
www.securityweek.com/wp-content/plugins/theia-post-slider/js/balupton-history.js/ 22 KB
7 KB 115ms
101ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/js/balupton-history.js/jquery.history.js?ver=1.7.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c54ab568b73e88af409e7615e9c6730d701234ebe9d64b131a08fccb0bef3deb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 544233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-598f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZX9q5oM7j%2BrUOmUcC%2BCNmvUK6kN8SfxuXaipsds4cUjSBizt1j33UuP14BoJOPdAG71I8OnFhysEJDPzWgAvkBYkE6Cst1pJCZahzAgvpvmQ6m%2FP%2BAxXlY3gGfs2pm3AOKrFi5W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ec637d2-FRA

GET
H3 200 jquery-migrate.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ 13 KB
5 KB 113ms
101ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 498900
etag: W/"642d3aad-3470"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLtEFyIqb2lVwEHsG0Pcuq3b6RIZ%2F8eVNXsviWw3uExzUJiej2kngfLtA0%2B1zOOoLz92q3qtSKZEfcIr%2BVmPzGeUbyvc%2BVeA7JI5JA%2BC0CRaItaNuTcrNnvIR68Ahe3gDfzpyVs3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ec737d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ 88 KB
32 KB 114ms
102ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2461916
etag: W/"642d3aad-15ed7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YImaLPj6CLYl0kIGFyMsr2c56W8Kr8b8mwIVESX1ZgeRXu4Ty3NdK238o51Fp84eOof0y8tWwZdfCKBFeURgNZJvAunKctPZ84R6SlMAMZTi8DK2FjkOkd4%2B%2BIcwzuW1AIZA4b2f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90f77ec937d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vck.js Show response
cdn.justuno.com/ 2 KB
2 KB 74ms
31ms Script
application/javascript 2606:4700::6811:ca35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justuno.com/vck.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/apps/body/gTSU7w8TKow-r0zxLGZWiDD2jUk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa433b899311f6fcb718687df51be730a5a7a3c6ce4dc2474ff26a383307b2ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 03 May 2023 21:23:38 GMT
x-amz-version-id: IStAkkpAXub6mGXsU7R_eEc9Tjbt5OG9
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: MATZCN5597PJX4RB
age: 4349
cf-polished: origSize=3165
x-77-cache: HIT
x-cache: HIT
x-age: 443844
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: CSrhxcW9zSFNHtl1gIVdCj9dZQp6bmriCzrcE5K++iPa+snoTslB0mS1UnhbPPPM6uwB2iDg/Bo=
x-77-nzt: AZySIRn5OEH/xMUGAA
cf-bgj: minify
last-modified: Thu, 12 Nov 2020 22:18:40 GMT
server: cloudflare
etag: W/"0d90f75705633071cb4330dbccfe579a"
x-77-nzt-ray: cf878727b41172949ab49863849a5511
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: public, max-age=691200
cf-ray: 7c1b90f7be4c5b44-FRA
access-control-allow-headers: *
expires: Thu, 11 May 2023 21:23:38 GMT

GET
H3 200 security-week-post-7.jpg
www.securityweek.com/wp-content/themes/zoxpress-child/assets/img/posts/ 41 KB
41 KB 91ms
90ms Image
image/jpeg 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/assets/img/posts/security-week-post-7.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5c265751e99ab43911ed9b660e7c451eb90d90a2be7d13b4a594e816781cd36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7919512
cf-polished: origSize=44724
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41911
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2023 09:20:59 GMT
server: cloudflare
etag: "63d8dd7b-aeb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdfHYF9pH21wDXPD4wa1buX7bz5SN%2FEDLE0Ne4GodZJuue8k38HMQaLzPzhgo3HHpWC3GTpprxffl7hHgFjn%2BVyuP61gtiNTPYroGUrNY0zFICQAi7UOETDXOVkNO0dcOM6Yk7uCf7429MOP8K3CKhDS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f7aee737d2-FRA

GET
H3 200 Dish-Network-Cyberattack-600x337.jpg
www.securityweek.com/wp-content/uploads/2023/03/ 26 KB
26 KB 94ms
93ms Image
image/jpeg 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2023/03/Dish-Network-Cyberattack-600x337.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 657dc3d75177e47f9575635ae97cb34696e8f4a2248dddd63a68c07d974af271

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4577098
cf-polished: origSize=34587
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26607
cf-bgj: imgq:100,h2pri
last-modified: Wed, 01 Mar 2023 14:24:22 GMT
server: cloudflare
etag: "63ff6016-871b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAR4zi90WanHkmUl9J8CIMHLQigxvSSU6YHpsL7crUomUDPkP9X3adwRENIJQbjkD0aTnVkm3z0KbHWY0uQfIQ5T3uhMQKxPjeEUnPxuOTGSUKi2U5ovpIZk6D3rQmDIyHjmNt2YEvkTPlHH3Mnh%2F9a5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f7aee837d2-FRA

GET
H3 200 Ransomware-Information-2023-600x337.jpg
www.securityweek.com/wp-content/uploads/2023/02/ 26 KB
26 KB 97ms
96ms Image
image/jpeg 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2023/02/Ransomware-Information-2023-600x337.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c47493311effe3020f3e9d2d1efc214fbd84861a1b7410ce17dc9d24273b6911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 498898
cf-polished: origSize=29185
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26284
cf-bgj: imgq:100,h2pri
last-modified: Thu, 02 Feb 2023 02:31:59 GMT
server: cloudflare
etag: "63db209f-7201"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzAs1oR4UoPOU5ClK2l77RuTt7bGmyCsZXoCHRCEAjXlrNojmbzuzVpH04%2FgWYibnyr9ThVPCL8xssf0K9SCWf5fHD4IHC53w4Wen6jACzO%2FLfXKAMq%2BCc3xOGPopdmXDZ5XcIz%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f7aeea37d2-FRA

GET
H3 200 security-week-post-4.jpg
www.securityweek.com/wp-content/themes/zoxpress-child/assets/img/posts/ 61 KB
61 KB 99ms
98ms Image
image/jpeg 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/assets/img/posts/security-week-post-4.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02a3597511c39017b74f5436f545edf5482733b105da6012b77e4793ab552caa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545753
cf-polished: origSize=66734
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62432
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2023 09:20:55 GMT
server: cloudflare
etag: "63d8dd77-104ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcZZQXMt48TPWISn6cm9CDv3tQlpDWEMkSJiK1flJyF24oyqpCehMTer695XwP%2F8IpZW0urXkmhpi%2B9K%2FiikdRTiddhpVc2CPxqnjwmvkN8wypKZQmeM1y8ppIi6uIDgl3Eu9biq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c1b90f7aeeb37d2-FRA

GET
H2 200 account_version_check.html Show response
my.justuno.com/ajax/ 36 B
373 B 70ms
24ms Script
application/json 2606:4700::6811:ca35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.justuno.com/ajax/account_version_check.html?id=A230AE4D-581E-411F-ACCB-A081243B2697
Requested by: Host: cdn.justuno.com
URL: https://cdn.justuno.com/vck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5a9492d83cec1c6c5002992016d131fcfac3631d3d5e9fca0943efe5073971c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 496
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 May 2023 14:15:22 PST
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=30
cf-ray: 7c1b90f83e835b44-FRA
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
expires: Wed, 03 May 2023 21:24:08 GMT

GET
H2 200 mwgt_4.1.js Show response
cdn.justuno.com/ 207 KB
52 KB 29ms
28ms Script
application/javascript 2606:4700::6811:ca35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justuno.com/mwgt_4.1.js?v=5.63
Requested by: Host: cdn.justuno.com
URL: https://cdn.justuno.com/vck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82f855dfdf46bd5db6c2f95de7bad134c2bf5562c79af27c525c96fe0a5bb7be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 03 May 2023 21:23:38 GMT
x-amz-version-id: aWsmm8jDuXLx14vh6QSVL7NqcGK2QAA2
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 6HA2ASW56X3ZN80Q
age: 64538
cf-polished: origSize=282136
x-77-cache: HIT
x-cache: HIT
x-age: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: q76VFTd8jsaEBZJh28ryiLUZe2BojyybRsgW5KdSMTFV+RwcgQcQedaIfZPWrgsNcLKOIUz9k6A=
x-77-nzt: AZySIRkepHH/BQAAAA
cf-bgj: minify
last-modified: Wed, 25 Jan 2023 22:03:44 GMT
server: cloudflare
etag: W/"2ad68e931c14c9aa6cafc1489d005d30"
x-77-nzt-ray: cf878727ebafe81faca7d163b356151e
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=700000
cf-ray: 7c1b90f86e9f5b44-FRA
access-control-allow-headers: *
expires: Thu, 11 May 2023 23:50:18 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.securityweek.com/wp-includes/js/ 18 KB
5 KB 24ms
23ms Script
application/javascript 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 546567
etag: W/"642d3aad-4904"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2DYoKWmhCnaKScJtH5Fom%2BCCcuwVhBQN5RrV5W35imNBBU%2F1Dcdb0VMaHaocXMRU5G6gL1TJFflwAmgudlDbmuecT0BTkvfSybOUQLSEr%2F1jA9WaOmUcj1k9zAp7OIhMMbw6DNW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c1b90fd0c0a37d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.js Show response
ads.securityweek.com/ 67 KB
13 KB 59ms
14ms Script
application/javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.securityweek.com/app.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 7d9b7ee9ae860b2f27e08578dacc166269ab838417994fb62c568ff40245b5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:39 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2023 20:55:24 GMT
server: nginx
etag: W/"6414d3bc-10c8e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Wed, 03 May 2023 21:53:39 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/ 398 KB
123 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ca2039a328b8430658284ee603ab8b1a8554e7e35afae2a094ea9838af9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 19:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5722
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126154
x-xss-protection: 0
server: cafe
etag: 17925783384364415813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 02 May 2024 19:48:17 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 78 B
80 B 100ms
48ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.securityweek.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9c358163c9330587ecaf732269ef24fb4198cbb2e010b61e7eb8d2a3b3d94e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
x-xss-protection: 0
expires: Wed, 03 May 2023 21:23:39 GMT

GET
H/1.1 200
OK count.js Show response
securityweek.disqus.com/ 1 KB
2 KB 30ms
12ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://securityweek.disqus.com/count.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.23

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 21:23:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 35
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 21 Apr 2023 16:07:49 GMT
Server: nginx
ETag: "6442b4d5-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: jKCDmul-SiS5RXVA1UmMTsTUCR26cspri31bXtU3VcUEjv13CY3-Hg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
82 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M1YM36C8RW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11590534-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9039dd5a379b030cfc05b6fd664d70cc64657e5a26a093f7a08111b4e3bb9f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83960
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 May 2023 21:23:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 54ms
12ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11590534-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 21:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1115
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 03 May 2023 23:05:04 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 51ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9QV8NZWNBC&gtm=45je3510&_p=28679653&cid=262825012.1683149020&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683149019&sct=1&seg=0&dl=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&dt=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%27APT38%27%20Group%20-%20SecurityWeek&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9QV8NZWNBC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 21:23:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.securityweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK embed.js Show response
securityweek.disqus.com/ 78 KB
25 KB 9ms
9ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://securityweek.disqus.com/embed.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.23

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

bec0d00465c31b7c81d472a0a97037327c190cecfa064553a2b1a4c1054781b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 21:23:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 1
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25393

GET
H2 200 ;ID=179018;size=970x250;setID=593294;type=async;domid=placement_593294_0;place=0;pid=8939127;sw=1600;sh=1200;spr=1;rnd=8939127;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-ban... Show response
ads.securityweek.com/adserve/ 2 KB
1 KB 19ms
18ms Script
application/javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;ID=179018;size=970x250;setID=593294;type=async;domid=placement_593294_0;place=0;pid=8939127;sw=1600;sh=1200;spr=1;rnd=8939127;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.46.202.116.clients.your-server.de

Software

nginx /

Resource Hash

19fe4427547b3eaaf3444e6d437bb6a708120750f54e5fef4f80a0b2cd6a9e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 21:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=179018;size=300x250;setID=605204;type=async;domid=placement_605204_0;place=0;pid=8939127;sw=1600;sh=1200;spr=1;rnd=8939127;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-ban... Show response
ads.securityweek.com/adserve/ 2 KB
1 KB 18ms
17ms Script
application/javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;ID=179018;size=300x250;setID=605204;type=async;domid=placement_605204_0;place=0;pid=8939127;sw=1600;sh=1200;spr=1;rnd=8939127;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;click=CLICK_MACRO_PLACEHOLDER

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.46.202.116.clients.your-server.de

Software

nginx /

Resource Hash

9b0020ab4cca7d9878d71044bafe6009ebaab352d76008043055406b834ec815

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 21:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK recommendations.js Show response
securityweek.disqus.com/ 64 KB
21 KB 121ms
121ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://securityweek.disqus.com/recommendations.js

Requested by

Host: securityweek.disqus.com
URL: https://securityweek.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

ad6168938d636056b60aae51f74696f4f5505f60ae84203f0098e5e9174b5498

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 21:23:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21157

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M1YM36C8RW&gtm=45je3510&_p=28679653&cid=262825012.1683149020&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1683149019&sct=1&seg=0&dl=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&dt=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%27APT38%27%20Group%20-%20SecurityWeek&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M1YM36C8RW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 21:23:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.securityweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 59ms
22ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.securityweek.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 59ms
21ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.securityweek.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
15 KB 75ms
75ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3270492465931875&correlator=1111282537943843&eid=31073384%2C31074114%2C31074172%2C31074224%2C31074272%2C31074302&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fifs&iu_parts=1009451%2CSecurityWeek-Home-300x600%2CNewSW-970x90-Homepage%2CNewSW-300x600-Article-Right%2CNewSW-300x250-Home%2CNewSW-300x250-Article&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x600%2C970x90%2C300x600%2C300x250%2C300x250&ifi=1&adks=1565590840%2C2323175181%2C154041892%2C3002022740%2C665154368&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1683149019888&lmt=1674504300&dlt=1683149018560&idt=1293&adxs=-9%2C-9%2C1100%2C-9%2C1100&adys=-9%2C-9%2C773%2C-9%2C3314&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0%7C-1%7C1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C300x0%7C0x-1%7C300x0&msz=0x-1%7C0x-1%7C300x600%7C0x-1%7C300x250&fws=2%2C2%2C4%2C2%2C4&ohw=0%2C0%2C1600%2C0%2C1600&ga_vid=262825012.1683149020&ga_sid=1683149020&ga_hid=28679653&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94869cbea530d3ccee76f59d50ce4bd7be8022c00788ea1440ff4f1be7175aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15031
x-xss-protection: 0
google-lineitem-id: 6287975503,6180097320,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430923705,138417024217,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5b305362616ed8f3d8985e68445241db.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9340 6 KB
3 KB 75ms
20ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b305362616ed8f3d8985e68445241db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 21:23:39 GMT
expires: Thu, 02 May 2024 21:23:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ;MID=179018;type=e959fb862;placementID=2079038;setID=605204;channelID=0;CID=757129;BID=521004982;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-a... Show response
ads.securityweek.com/adserve/ 0
341 B 56ms
15ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;MID=179018;type=e959fb862;placementID=2079038;setID=605204;channelID=0;CID=757129;BID=521004982;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;mt=1683149019795839;hc=e4f83a04a0c3d65e49fbdd660e1be544aa7d3301

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.46.202.116.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 21:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 42F2 16 KB
7 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6883
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 19:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 03 May 2023 22:04:26 GMT

GET
H2 200 ;MID=179018;type=e959fb862;placementID=1998711;setID=593294;channelID=0;CID=536014;BID=521006504;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-a... Show response
ads.securityweek.com/adserve/ 0
342 B 47ms
15ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;MID=179018;type=e959fb862;placementID=1998711;setID=593294;channelID=0;CID=536014;BID=521006504;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;mt=1683149019796833;hc=54fa585111ad19c252bf3ccbd4e0ca9b4d4b2cf4

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.46.202.116.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 21:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=3816482
ads.securityweek.com/getad.img/ 110 KB
110 KB 11ms
10ms Image
image/jpeg 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.securityweek.com/getad.img/;libID=3816482
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3a7daf9f3668bd95752cd0e89d438e15814ec6a0081a56dc2627e5f2ff52a13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:39 GMT
last-modified: Sun, 23 Apr 2023 20:38:26 GMT
server: nginx
etag: "64459742-1b632"
content-type: image/jpeg
access-control-allow-origin: https://www.securityweek.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="TDIR-Summit-970x250.jpg"
accept-ranges: bytes
content-length: 112178
expires: Thu, 02 May 2024 14:23:39 PDT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 21ms
20ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=28679653&t=pageview&_s=1&dl=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&ul=en-us&de=UTF-8&dt=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%27APT38%27%20Group%20-%20SecurityWeek&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2059726171&gjid=170913769&cid=262825012.1683149020&tid=UA-11590534-1&_gid=211247091.1683149020&_r=1&gtm=457e3510&jsscut=1&z=1300616876

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.securityweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 May 2023 21:23:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.securityweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 1904 7 KB
4 KB 43ms
16ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default

Requested by

Host: securityweek.disqus.com
URL: https://securityweek.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

15f8c4e92ee10d8a0de4cf218c6539722d0f721147cb1526972120af64163005

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 1
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2910
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 03 May 2023 21:23:39 GMT
ETag: W/"lounge:view:7629071679.d29867ab0d8a6464601d2d8a26db4e6f.2"
Last-Modified: Sat, 11 Feb 2023 12:39:27 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 impl_v95.js Show response
www.googletagservices.com/dcm/ Frame 42F2 60 KB
23 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v95.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 23:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23368
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:47:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Apr 2024 23:36:16 GMT

GET
H2 200 lounge.load.f1fe094e6a85153648acb5c0c2c1e1c8.js Show response
c.disquscdn.com/next/embed/ Frame 1904 1 KB
1 KB 66ms
20ms Script
application/javascript 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.f1fe094e6a85153648acb5c0c2c1e1c8.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c8c4b25a2805ccc0965cfc2d230fc3b7d0279221cb7a5450e4fda06f65510a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 03 May 2023 17:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 13711
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 625
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 26 Apr 2023 16:45:46 GMT
server: nginx
etag: "6449553a-271"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: vNqmoagTBmiOVC3CA0bUuvw4IhewOW0YTf1f9e4ZjAay5v5frwCaKw==
expires: Thu, 02 May 2024 17:35:09 GMT

GET
H2 200 5319632.js Show response
js.hs-analytics.net/analytics/1683148800000/ 65 KB
21 KB 179ms
158ms Script
text/javascript 2606:4700::6810:8cce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1683148800000/5319632.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5319632.js?integration=WordPress&ver=10.1.16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8cce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8a21212da46ecc2d209c89b9418b91470bf3f43cd571aa0675772c83fe33d24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: KGB5MDX7EBW14ZBC
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 26
x-amz-id-2: whLDbQvek5lnjkyRZQSQyDnt/HbD0puH2GFnMIBjuMBhkKTAc/yleXA1jpzA/MEJXEKXTWgt7AU=
x-evy-trace-listener: listener_https
x-request-id: bdb8e456-9faa-4f14-ae6e-32cb0735a0c3
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 18 Apr 2023 14:03:28 GMT
server: cloudflare
etag: W/"bb878c88b05bae17f1f9dfa7c31a7359"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-mv8k9
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7c1b90ff7a4d9be8-FRA
expires: Wed, 03 May 2023 21:28:40 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 134ms
113ms Script
application/javascript 2606:4700::6811:69c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5319632.js?integration=WordPress&ver=10.1.16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:69c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798d10a2358bf2bb2383db429dbd3872c61623eae564f5ec4b35cebe16e8d3ee

Request headers

Referer: https://www.securityweek.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
x-amz-version-id: aBw9KhRIvCv.ZxIPDLAZZBBgMDNKkxQd
via: 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.362/bundles/project.js&cfRay=7c1b90ff7ec43aa3-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b69556c6-7c22-4106-92ce-3ef344e59ade
last-modified: Thu, 27 Apr 2023 09:01:08 UTC
server: cloudflare
etag: W/"bace8c71ddeb09e8dcafa17e11c33f6c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-4lk5b
cf-ray: 7c1b90ff7ec43aa3-FRA
x-amz-cf-id: vOKl1vLASZTulFaVUgjxD0bQwYfGRUF14bTQyMgFqFD33nxc5nrVow==
x-hs-target-asset: collected-forms-embed-js/static-1.362/bundles/project.js

GET
H2 200 5319632.js Show response
js.hs-banner.com/ 60 KB
16 KB 410ms
389ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5319632.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5319632.js?integration=WordPress&ver=10.1.16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7c91227ed1cf1d83d32996e4e61a4f77dbdbbc9920a3a29f5ab522d237c74b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
x-amz-version-id: Re7uVMKIIL3DzEPcXMU7stPISkZ1nT3r
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: EX323RQE29YBF84R
x-amz-server-side-encryption: AES256
x-amz-id-2: Y1FJO9Oxh/GeGR649D74xO1nx6P9tZQaT39t6hLJ2TpKLETdYvVDeLG4sJ6dBJ+VaCLCFacdxog=
last-modified: Mon, 17 Apr 2023 15:35:42 GMT
server: cloudflare
etag: W/"fbac0553015dccf82e36fcb606c4d982"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7c1b90ff7e3a39bc-FRA
expires: Wed, 03 May 2023 21:28:40 GMT

GET
H3 200 vck.js Show response
cdn.justuno.com/ 2 KB
2 KB 23ms
22ms Script
application/javascript 2606:4700::6811:ca35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justuno.com/vck.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/apps/body/gTSU7w8TKow-r0zxLGZWiDD2jUk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:ca35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa433b899311f6fcb718687df51be730a5a7a3c6ce4dc2474ff26a383307b2ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 03 May 2023 21:23:40 GMT
x-amz-version-id: IStAkkpAXub6mGXsU7R_eEc9Tjbt5OG9
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: JV59DM42VQ6VZ5ZP
age: 4907
cf-polished: origSize=3165
x-77-cache: HIT
x-cache: HIT
x-age: 782205
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: dqqnUr7IL6F2vVTx5EJnp4aW3f3nkkctLtfJ/dA75+EX1LWj/PHozCV8bN+4e34HBEUYD9kwMAg=
x-77-nzt: Abk73BC+rsz/fe8LAA
cf-bgj: minify
last-modified: Thu, 12 Nov 2020 22:18:40 GMT
server: cloudflare
etag: W/"0d90f75705633071cb4330dbccfe579a"
x-77-nzt-ray: 908339301fc9a3af9db498638fd0ab28
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: public, max-age=691200
cf-ray: 7c1b90ff5e4d038e-FRA
access-control-allow-headers: *
expires: Thu, 11 May 2023 21:23:40 GMT

GET
H3 200 3 Show response
www.securityweek.com/wp-json/wordpress-popular-posts/v1/popular-posts/widget/ 4 KB
2 KB 176ms
176ms XHR
application/json 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.securityweek.com/wp-json/wordpress-popular-posts/v1/popular-posts/widget/3?is_single=16121

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

dcd22cd76b0dfdc4558fd949219aca26d17b0cffa231785d3d2647d6c717e25d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
x-cache-group: normal
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: SHORT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: WP Engine
x-cache: HIT: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
allow: GET
content-type: application/json; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REnkiPPshLQNgJZeUII7LUIBSRbToNZcWtMAY3cYPoO6r3QxfEPbGXstQUaSUY8VGRAQNtly1OWP%2FJ%2B9aIfon%2B9OPLn9OtH%2FPp4evt9chrppBPoMPAlrTF6Li4jS50Z9FSUx45FpUDq6ZeOWEXnf2n1F"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=600, must-revalidate
x-robots-tag: noindex
link: <https://www.securityweek.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 7c1b90ff5e0537d2-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 103ms
65ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31a744fa9edc0679b21ad6995ac00235711cb9e9b67d474300d595921205eeb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11188
x-xss-protection: 0

POST
H3 204 rum Show response
www.securityweek.com/cdn-cgi/ 0
145 B 12ms
8ms XHR
text/plain 2606:4700:20::6818:a003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.securityweek.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::6818:a003 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.securityweek.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c1b90ff7e2937d2-FRA

GET
H2 200 B29809356.364737092;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3756665563;ord=3zxtk6;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.securitywee... Show response
ad.doubleclick.net/ddm/adi/N30602.3746816SECURITYWEEK/ Frame C0A0 54 KB
26 KB 84ms
48ms Document
text/html 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N30602.3746816SECURITYWEEK/B29809356.364737092;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3756665563;ord=3zxtk6;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F$0;xdt=0;crlt=aYs0wv!qS6;stc=1;chaa=1;sttr=55;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

0cba790b81c23147daa2889a77c361abb77e0406c977fa171ca326d4167c6cca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 26288
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 21:23:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 store_4.1.html Show response
cdn.justuno.com/ Frame CF21 2 KB
1019 B 23ms
22ms Document
text/html 2606:4700::6811:ca35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justuno.com/store_4.1.html?v=5.63
Requested by: Host: cdn.justuno.com
URL: https://cdn.justuno.com/mwgt_4.1.js?v=5.63
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:ca35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=700000
cf-cache-status: DYNAMIC
cf-ray: 7c1b90ff9eaf038e-FRA
content-encoding: br
content-type: text/html
date: Wed, 03 May 2023 21:23:40 GMT
last-modified: Tue, 31 Mar 2020 15:31:26 GMT
server: cloudflare
vary: Accept-Encoding
x-77-cache: HIT
x-77-nzt: AcO1rw6GJ5v/XvwAAA
x-77-nzt-ray: 9083393033a5ac29dcd05264f9627806
x-77-pop: frankfurtDE
x-accel-date: 1683084414
x-age: 64606
x-amz-id-2: 9uRIVV2zDdy3QpmHGM+dqeGc/pkC1NPkc6aIUrXwvtLlV1YQUNCJWVoHyHF3uefP5ggedEr3SaU=
x-amz-request-id: DN4VP7Q6JAXPYMME
x-amz-version-id: n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-cache: HIT

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame 8397 6 KB
4 KB 8ms
8ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group

Requested by

Host: securityweek.disqus.com
URL: https://securityweek.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f02c04333073962e773be1b3e14a616eb1331ea5a13fd4d8b2fb314e5f3b9684

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 1
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2406
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 03 May 2023 21:23:40 GMT
Last-Modified: Sat, 11 Feb 2023 12:39:27 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js Show response
c.disquscdn.com/next/embed/ Frame 1904 280 KB
93 KB 68ms
23ms Script
application/javascript 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.f1fe094e6a85153648acb5c0c2c1e1c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cd3179714cc77f87b3275aecc5901867606b239d2f8d7f6a287c1a9800ff0021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 27 Mar 2023 21:48:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 3195291
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94181
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 27 Mar 2023 21:43:49 GMT
server: nginx
etag: "64220e15-16fe5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 27bX5cYe3DqWL_oEBy1jo_0_ZSmi-zyXBYlzPgS9y7TO8kSLPn-krg==
expires: Tue, 26 Mar 2024 21:48:49 GMT

GET
H2 200 recommendations.load.957727541056f1897860b1452ec47573.js Show response
c.disquscdn.com/next/recommendations/ Frame 8397 923 B
1 KB 20ms
20ms Script
application/javascript 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.957727541056f1897860b1452ec47573.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e78ed0e5ab0b7d12dd54b82b6003c649cfadc34b59232079b48c22fa6b62eac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 21 Apr 2023 10:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1077662
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 446
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 18 Apr 2023 23:42:29 GMT
server: nginx
etag: "643f2ae5-1be"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: oc4ajEkcVTMmsYn_cDZAnT63XZEohsu6rHC3Mfa93zoRsfquXvWpsA==
expires: Sat, 20 Apr 2024 10:02:38 GMT

GET
H2 200 common.bundle.ed70feedb9af01b8234c85d6eb19f2fd.js Show response
c.disquscdn.com/next/recommendations/ Frame 8397 262 KB
87 KB 76ms
63ms Script
application/javascript 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.ed70feedb9af01b8234c85d6eb19f2fd.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.957727541056f1897860b1452ec47573.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e15814c40decf74f25403bda7f3455c62393bfbc6710555dec7534dd2de6b739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 29 Mar 2023 05:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 3081200
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88876
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 28 Mar 2023 23:28:13 GMT
server: nginx
etag: "6423780d-15b2c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: ol-35UgFlLu7NBVCA9M0h2knl3FoQULcfGK5kW7Z59xwVZMBiqC0JQ==
expires: Thu, 28 Mar 2024 05:30:20 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 May 2023 21:23:40 GMT

GET
H2 200 47709926680518839
s0.2mdn.net/simgad/ Frame C0A0 67 KB
67 KB 52ms
14ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/47709926680518839

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N30602.3746816SECURITYWEEK/B29809356.364737092;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3756665563;ord=3zxtk6;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F$0;xdt=0;crlt=aYs0wv!qS6;stc=1;chaa=1;sttr=55;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e368aa1d25be75f399a6d6c4f6dffe8db319cb1abe581dedeb11acfa6b4a21d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:08:05 GMT
x-content-type-options: nosniff
age: 353735
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68193
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 02:15:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 19:08:05 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/xfa/ Frame C0A0 10 KB
4 KB 41ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24f823b76d559f40b10d0fd1373ea500341a4db528842ea36821bc6fe80c1621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 19:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8043
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4272
x-xss-protection: 0
server: cafe
etag: 16687143975010171978
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 19:09:37 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/elements/html/ Frame C0A0 11 KB
4 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:34:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 17:34:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0A0 160 KB
49 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 21:23:40 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C0A0 0
0 111ms
50ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsseEoykKom2wxXwG2vQn9bNlwcICkhsOruxpS_yOPptXJtMNADk9I8kYMUBeIpJU7fssmVkG_j9da9G5Te_yaH5UAYPePVzQXzCPIjsjq9yavoJ0Wnoz5yeSB0dOz2o-p5BqEH41ugBVJwDphf27tcybI84f9na5uYgQYJipQ&sai=AMfl-YTiTSlznnVOkR52cGZ1qv-h1z5uivZqgnAHaIqdd_rnvvP3tkQeosRPKhSb0YX04rgERHNCVIKvKI75Q-R6UsQKzaFtVqecQI9vAg&sig=Cg0ArKJSzK8etIbplLjrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230501.23398&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 May 2023 21:23:40 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C0A0 41 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2024 09:20:28 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3067 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 19:48:21 GMT
expires: Thu, 02 May 2024 19:48:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A80B 783 B
1 KB 82ms
23ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4bc22b30a54e2fd4b2ef83c667b6d04357c856e22f63c8579b94dc36ae65a04c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qk3dSfvUaV7McC-Bqyg_lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-qk3dSfvUaV7McC-Bqyg_lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 21:23:40 GMT
expires: Wed, 03 May 2023 21:23:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
450 B 119ms
116ms XHR
application/json 2606:4700::6811:69c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=5319632&utk=
Requested by: Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:69c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0978438d354ec5e681207be25f53c69b24700125938105927de69dc0e55bcd48

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.securityweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 4f24dd12-80b9-4b0f-85d9-3446b6c24800
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1af499aa-94b7-4321-8642-cbbb7a21dd7d
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.securityweek.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-httbh
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7c1b91008ff53aa3-FRA

GET
H2 200 lounge.cef06fba9afb581ee691b2d4ff616400.css
c.disquscdn.com/next/embed/styles/ Frame 1904 233 KB
33 KB 22ms
22ms Stylesheet
text/css 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

410648e2f3fdc08aab90de8ce3fffcc71d7d41c5b6c61aae829e6d93c6d69127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 26 Apr 2023 04:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 663833
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33266
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 21 Apr 2023 16:09:03 GMT
server: nginx
etag: "6442b51f-81f2"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: hdy0chrCW0Ih17TR-d_qqdlfvp6lzgT_iXO_zEObTUj0fAiCMvRbrw==
expires: Thu, 25 Apr 2024 04:59:47 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4AF5 22 KB
8 KB 17ms
17ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 108352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 15:17:48 GMT
expires: Wed, 01 May 2024 15:17:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C0A0 7 KB
6 KB 58ms
57ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a38230d94874811a66ddf273ad03483e6a15b50b784198c15679afb6fccd61b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5790
x-xss-protection: 0

GET
H2 200 lounge.bundle.739ca9b8383dffb70c7596b4d45253f6.js Show response
c.disquscdn.com/next/embed/ Frame 1904 507 KB
128 KB 22ms
22ms Script
application/javascript 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.739ca9b8383dffb70c7596b4d45253f6.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7c0a4f44a2dd7257ec37979b04d0a2457a6f619c8bae53db9580e10b6be862ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 03 May 2023 17:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 13711
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 129836
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 26 Apr 2023 16:45:46 GMT
server: nginx
etag: "6449553a-1fb2c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: LpIojsMyCWdFpOLT-zjIbFj-pl36MjO8R82aljz8duIdTOBqXO3XSA==
expires: Thu, 02 May 2024 17:35:09 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 1904 18 KB
18 KB 8ms
7ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f6eb5ef4c0396d414989f07f743d2b5d4bd434e9c3d70d74c9639098b81a492c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 21:23:40 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 39
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 18229
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame 8397 14 KB
3 KB 20ms
20ms Stylesheet
text/css 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ed70feedb9af01b8234c85d6eb19f2fd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ad59b3c437a380375b4205e22d9bf50856690b094d2fa425ae90971f5b58758e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 05:41:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2389341
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2968
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 05 Apr 2023 19:22:35 GMT
server: nginx
etag: "642dca7b-b98"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: qGK55ljZrPCQ8Wi8FL0ObnNvVIDq7_OlLiaVQTooHGenOkMFwGIB5Q==
expires: Fri, 05 Apr 2024 05:41:19 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 152ms
134ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=609496040&v=1.1&a=5319632&ct=blog-post&rcu=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&pu=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t=North+Korean+Attacks+on+Banks+Attributed+to+%27APT38%27+Group+-+SecurityWeek&cts=1683149020358&vi=dad2a8c24639fa8a53aab6f3042cbb95&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 04ec7e4d-b971-4f07-9bc4-d310e9d3e64f
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bd0f38e5-d018-427c-aeb9-c27b782babb8
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuWUmY4MeYVDCRffAhMTZ1gigieTTL7toYAXJyRv%2F%2FAHxoQZqga%2BJI9abNt7VGSscGMiPQX2fEiCa0lRLy5IJPZjQFFKl3dPSjL%2FvKQEfiFIdA85x9XmD5Xln3QQhETCPqOwGiiB9YvrU75IxDg%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-fwlfz
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7c1b91015e2f2c5f-FRA
x-robots-tag: none

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C0A0 0
0 52ms
52ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsseEoykKom2wxXwG2vQn9bNlwcICkhsOruxpS_yOPptXJtMNADk9I8kYMUBeIpJU7fssmVkG_j9da9G5Te_yaH5UAYPePVzQXzCPIjsjq9yavoJ0Wnoz5yeSB0dOz2o-p5BqEH41ugBVJwDphf27tcybI84f9na5uYgQYJipQ&sai=AMfl-YTiTSlznnVOkR52cGZ1qv-h1z5uivZqgnAHaIqdd_rnvvP3tkQeosRPKhSb0YX04rgERHNCVIKvKI75Q-R6UsQKzaFtVqecQI9vAg&sig=Cg0ArKJSzK8etIbplLjrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=169&vt=11&dtpt=168&dett=2&cstd=0&cisv=r20230501.23398&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 May 2023 21:23:40 GMT

GET
H2 200 recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js Show response
c.disquscdn.com/next/recommendations/ Frame 8397 65 KB
20 KB 24ms
23ms Script
application/javascript 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ed70feedb9af01b8234c85d6eb19f2fd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 27 Mar 2023 01:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 3268579
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20326
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 17 Mar 2023 09:25:43 GMT
server: nginx
etag: "64143217-4f66"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: eNn38vrnMx2_u3EdGHxf72l8Y-rPQhzjSFvXAq4NdDWD3iTEW4tacg==
expires: Tue, 26 Mar 2024 01:27:20 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 8397 18 KB
18 KB 10ms
9ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ed70feedb9af01b8234c85d6eb19f2fd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f6eb5ef4c0396d414989f07f743d2b5d4bd434e9c3d70d74c9639098b81a492c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 21:23:40 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 39
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 18229
X-XSS-Protection: 1; mode=block

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
687 B 151ms
129ms Image
image/gif 2606:4700::6811:d6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d6f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: d8200247-a4ba-4b70-9991-199510f508ad
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ca6f4d34-77a5-4a5a-bf37-e1ed8de8653f
server: cloudflare
x-trace: 2BC2435C2D098C0B80E392511547B581883485D28E000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-429sg
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7c1b910199651c9b-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C0A0 17 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 May 2023 21:23:40 GMT

GET
H3 200 vL7o0N_rWuXUXr4zaznQwGRTzb1r1IdsCvpeVnelq_s.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AF5 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vL7o0N_rWuXUXr4zaznQwGRTzb1r1IdsCvpeVnelq_s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcbee8d0dfeb5ae5d45ebe336b39d0c06453cdbd6bd4876c0afa5e5677a5abfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14722
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 12:12:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A80B 0
0 50ms
50ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304270101&jk=3270492465931875&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 vL7o0N_rWuXUXr4zaznQwGRTzb1r1IdsCvpeVnelq_s.js Show response
pagead2.googlesyndication.com/bg/ Frame 3067 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vL7o0N_rWuXUXr4zaznQwGRTzb1r1IdsCvpeVnelq_s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcbee8d0dfeb5ae5d45ebe336b39d0c06453cdbd6bd4876c0afa5e5677a5abfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14722
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 12:12:53 GMT

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 1904 3 KB
4 KB 9ms
8ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=securityweek&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dd6ecb2de64d9421f1cb5aeb28b25f287199206649273449573bc73a20b413f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 21:23:40 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 1
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3314
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 8397 3 KB
4 KB 7ms
7ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=securityweek&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ed70feedb9af01b8234c85d6eb19f2fd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dd6ecb2de64d9421f1cb5aeb28b25f287199206649273449573bc73a20b413f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 21:23:40 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 1
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3314
X-XSS-Protection: 1; mode=block

GET
H3 200 vL7o0N_rWuXUXr4zaznQwGRTzb1r1IdsCvpeVnelq_s.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F59 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vL7o0N_rWuXUXr4zaznQwGRTzb1r1IdsCvpeVnelq_s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcbee8d0dfeb5ae5d45ebe336b39d0c06453cdbd6bd4876c0afa5e5677a5abfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14722
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 12:12:53 GMT

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 133ms
117ms Preflight
application/octet-stream 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.securityweek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.securityweek.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 7c1b91028f26367b-FRA
content-length: 0
content-type: application/octet-stream
date: Wed, 03 May 2023 21:23:40 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-vxsnr
x-evy-trace-virtual-host: all
x-request-id: f48af61a-154a-4a3f-b4a8-89abe1e357a7

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
167 B 132ms
131ms XHR
text/plain 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/5319632.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.securityweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: dfb9ea31-3ee4-46be-8ec2-5135de75702e
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 20
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 52be149e-e9c3-4d95-b131-89191621644a
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.securityweek.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-mv8k9
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7c1b91034fe3367b-FRA

GET
H3 200 css2
fonts.googleapis.com/ Frame 1904 11 KB
862 B 86ms
32ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fd5b33467ba3a9686c1203cbf6a0fd26526e5dfd695a0df98436727046294a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 May 2023 21:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 May 2023 20:08:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 May 2023 21:23:40 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 1904 3 KB
3 KB 21ms
21ms Image
image/gif 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 26 Mar 2023 01:39:17 GMT
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PRG50-C1
age: 3354263
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 17 Mar 2023 09:25:43 GMT
server: nginx
etag: "64143217-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 4avqwo3X00dqm2A9IZj3uecLyj5rPPYiPM0Oboy9Y1Mfo4ZzGQc4HQ==
expires: Mon, 25 Mar 2024 01:39:17 GMT

GET
H2 200 email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 1904 840 B
1 KB 21ms
21ms Image
image/svg+xml 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 19 Apr 2023 18:37:18 GMT
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PRG50-C1
age: 1219582
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 840
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 18 Apr 2023 23:42:29 GMT
server: nginx
etag: "643f2ae5-348"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: vp0USRPcQOsJW06TxROnNO0TydyirzLQCmmdCSWRMoER-fuMX7b7qw==
expires: Thu, 18 Apr 2024 18:37:18 GMT

GET
H2 200 privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 1904 891 B
1 KB 22ms
21ms Image
image/svg+xml 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 22 Mar 2023 01:25:36 GMT
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PRG50-C1
age: 3700684
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 891
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 17 Mar 2023 09:25:43 GMT
server: nginx
etag: "64143217-37b"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: NLnT4hgMAJQMrqCSJgbpYL6Co5gnuYBMeZqi6p-7O7mA0KX6tak0bA==
expires: Thu, 21 Mar 2024 01:25:36 GMT

GET
H2 200 warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 1904 605 B
1 KB 22ms
21ms Image
image/svg+xml 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 22 Apr 2023 01:32:44 GMT
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PRG50-C1
age: 1021856
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 605
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 21 Apr 2023 16:09:03 GMT
server: nginx
etag: "6442b51f-25d"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: AUCWHigf1dbsyKzGReuURzQdVuVA9_SAcHS3y9sMle2VQDCTMEv_OQ==
expires: Sun, 21 Apr 2024 01:32:44 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 1904 8 KB
8 KB 22ms
22ms Font
application/octet-stream 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 24 Apr 2023 14:33:14 GMT
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PRG50-C1
age: 802226
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 21 Apr 2023 16:09:02 GMT
server: nginx
etag: "6442b51e-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: x0oy7-vHJmlkYqKoJzae_1mJEpkPH7Q3Thc1ROVWhFvRC4cWvMYq0g==
expires: Tue, 23 Apr 2024 14:33:14 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 8397 11 KB
862 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fd5b33467ba3a9686c1203cbf6a0fd26526e5dfd695a0df98436727046294a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 May 2023 21:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 May 2023 20:14:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 May 2023 21:23:40 GMT

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame 8397 5 KB
5 KB 8ms
8ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=securityweek&thread=ident%3A16121+https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ed70feedb9af01b8234c85d6eb19f2fd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

eb41ef9e6332a0b821af92ea91c67628c0fe5f1b00b19f935b759fee9fdda231

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 21:23:40 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 146
X-Frame-Options: SAMEORIGIN
Vary: Origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 4974
X-XSS-Protection: 1; mode=block

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1904 15 KB
16 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 399656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:22:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1904 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 400405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:10:15 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1904 17 KB
17 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 15:45:28 GMT
x-content-type-options: nosniff
age: 365892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 15:45:28 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 1904 43 B
339 B 123ms
105ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.23&load_time=353&event=init_embed&thread=7629071679&forum=securityweek&forum_id=294163&imp=2sdbkno1382v1t&thread_slug=north_korean_attacks_on_banks_attributed_to_039apt38039_group&user_type=anon&referrer=https%3A%2F%2Fwww.securityweek.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 21:23:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 get
c.disquscdn.com/ Frame 8397 14 KB
15 KB 25ms
24ms Image
image/jpeg 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.securityweek.com%2Fwp-content%2Fuploads%2F2023%2F04%2FRAV4-hack-stolen.jpg&key=LXsFGF-rxKpkbsJC9jGYgQ&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7590f56a90d2c95748709c79aa95dc41e31a7f7b5c76c1ae082ed649ac144ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 29 Apr 2023 20:12:12 GMT
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
age: 349888
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 14067
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEr2rp9my70xYHA17VN%2Brv8LpoGTfa6IB5zYtIM3%2BdLsfdcopyc%2BvszfuGumWy%2FY0L9qNTlAtPypbsYP1rRKfJsodZXag54GFlgMOYeJ8UrJ0u8pi3b56Gm47NqOehM%2FiP6PBQ6j"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: WO7z_IgkIMwtwgxng5oNTU5qdM8xwYYxmr_OR4r4U6SEJkWPWcJJFQ==
expires: Mon, 29 May 2023 20:12:12 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 8397 78 KB
79 KB 26ms
25ms Image
image/png 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.securityweek.com%2Fwp-content%2Fuploads%2F2023%2F04%2Fms_naming-apts.png&key=U-nQfc7LMplZDHO7TXb6aQ&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fb766742b2e7121a6a1311b9ace1563913d6c8be2f8b3ef24b8f0410402e3757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 29 Apr 2023 20:12:12 GMT
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
age: 1142871
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 80246
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbkcam8XGlbQ%2BKI5tcpjcWzt68ptj%2F%2Bl8%2BjCsoHku3Qg9cEJwLfRyTJRD7dSGr%2BJojUQxEZVNiVvsViv6H80uVnfuYhmKPPiFWjqELNvOHWQvDZReRuXSF%2F%2FAUgfAcGm5DQEfP0v"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: rpFC7gNyMveZPPEfQ66dydUQ4q5DA2XNj1XGp09NtgbxzU0__VnASw==
expires: Mon, 29 May 2023 20:12:12 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 8397 11 KB
12 KB 238ms
237ms Image
image/jpeg 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.securityweek.com%2Fwp-content%2Fuploads%2F2023%2F01%2FCybersecurity_News-SecurityWeek.jpg&key=OHuLlFkvz6yG7koQwAk7gA&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

31a70ac053fb9095fecfab31d7fed0ee075826150483ba25283082f960f5c8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 03 May 2023 21:23:40 GMT
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
age: 2765907
x-cache: Miss from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 11377
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crvCtbz3i3G0y4i1%2FhzWDjj8aXL5lYXCh2%2Bi3zdKR2XUK4EjCXsPwz758R%2FU33FOytgkfhK8mVqtvP1h%2F90%2BKqFG4uRwkMCW7aHf0cSyRVwhfd%2BmYIyduOrZhhuV%2FD%2Bn5hL0hrASOd0cF7QwqkYyIcBo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 0uMdVYBaMq9adGfHiOShv2WwApqEgFP-uR1TQgjq6_aSzm8PY1AGUQ==
expires: Fri, 02 Jun 2023 21:23:40 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 8397 9 KB
10 KB 31ms
30ms Image
image/jpeg 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.securityweek.com%2Fwp-content%2Fuploads%2F2023%2F04%2FChrome-Zero-Day-exploits.jpg&key=nPwKyFngyNAw9VNNZTUygw&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

75f751319345ade1b95ef07dbf0edd015aed2f9c9d4ec764e2e8fb7919aed929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 29 Apr 2023 20:12:12 GMT
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
age: 1587678
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 9213
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5GdtyOhd6cUfR69LxgcaxcTdKraicwdEda%2BMTRovbTR6hJvMcIFNxCGUtHN8R%2Fruz%2B3wPWwAUYUFZN5yUjrcEzCs8uKxG%2BcREa4ik20Dny%2BLB6aBs5jDBm%2F1yqDsHl7%2FS3C6jGl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: __qAduQzIIAd9lI_MgorLrHn7tdndHiA6_GzifOcm6DcZVo8pksJhQ==
expires: Mon, 29 May 2023 20:12:12 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 8397 8 KB
9 KB 31ms
30ms Image
image/jpeg 2600:9000:2127:a400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.securityweek.com%2Fwp-content%2Fuploads%2F2023%2F04%2FiOS_Zero-Days.jpg&key=ZNCa-Fj2As-YHfhPmr0tLA&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6c901589464078e8efb414f1e48d5a3fd1ca8aed43450c723ddb0b7243b34283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 29 Apr 2023 20:12:12 GMT
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
age: 838810
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 7976
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZlPUaeVhFIlycPzVUQiUV%2B%2FHb0aSdDzDTFFQYT6NCv%2BgM226Ngr4b3mMw9sJlXJMx3vcAdVZ5grAf%2FTGS8zgjZXnNvD%2FcK3k55zNQkYujz1cp4idyAIFCgoDgkAsIIBhP8XJEq7G5R5hd88jNAuR8AR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: TZ7fJNfu_5mLYYfuk0XpYUEzpc2nbb21cZ4sq22c_lc8z1vcUrvQ3g==
expires: Mon, 29 May 2023 20:12:12 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8397 15 KB
15 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 400405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:10:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8397 15 KB
16 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 399656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:22:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8397 16 KB
16 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 354317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 18:58:23 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3067 0
10 B 17ms
16ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Bw_7Yg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AF5 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJVeY3NBSZJP1CJWz9u8Pksij-A4AAAAAOAHgBAI&bg=!ycqlyp7NAAYcDqajPA47ADkAdvg8WkVk3-7XFC4zW3qenU0YoR0fnw7t9SI-HEtpxJSeIujPGrD6qMmQN1eD_NuGa5Oi78TQRtACAAABX1IAAAACaAEHCgBOWGBTkNLpYuEYlZKVQmLKieReHkCvDrqltZ6ZarFoMg9UhWNL70bchhzdxMXwSTkmWa1fkx6btVSoJAlrUnjN579AjalvBnp4AeWG5ZWfmQMU3bT0fYcG_-BwagDQMxT4rE-cjUQD2JHrT7Q9bpwbnlqsyVkOh4aLRYS_Hp_AXphy-11H-WGZ8oJqjorul0YpF7Zzscerwzrxt3TEogSt5da7Fq8c2ErOXaSl-25pZ_f2XJdVRDpY17zlZlS6gDDBwdsjXin89EVpbjuKfwLWSVmPEVZLlB8_l3w_l8FIu17m9qDRJpIZ50GCudzcBrf1MIvPetrZJmgsBEs9ZVyNCRyZxfHwh2C04rQyPDOQ9KDCnCZBobAjXQqu_csvfr55rBICxhEx3ABoiMIQXtD2ux4TAGbHGsNV8EF_Ocb70fya8n7HuMlb5FGk_AHH7V1C93PUHP6C1fEaAeh8dEem0ad8gdXUq_KeBmD-GbgT7TNsZFFr9jAY-ZtQpDdJXxnwqw7wjtt7GDWwvZJ3kBE99AKYATFzHVjlnuLaK8TUjAD_vuH5Bg2Cd7W9ombBKVAtnm8Dq1oog-rWcTv1PfGQykqiOVFBysQrKrrBwjcAqDOvOngsgNaBygLgXrq7bQYQOeQJxFDQBMdDuUdUv3giLBP9KHxLkBBzEmKBmhf3bVwc4ZuOD0_deFtrpprZFlE77GU_Df0H0XJvAsu1LOvt4BoY1kLAFoJFYlWtdAaU7_iuKG-oZ1djFbmWOsOWg97TjnzToM8uhgpFw__XuNQTR66KFf6bvZX3jlLnhbADyHLoNAo6BlUG6nAEgcgv5dgBaueQUwJ10xAbByaYAvmXgYX5VL9klyCNUWn-9eeO9f26vaq79t8EQFbYR8z5XDkh_P2UkW41-xGlnR2bfRkRbgX9cdTXAP3LSwGtobc2kCUBk-IP1eWKn4RYDgt-gaGLQRdDMT-RihuMgISGN_PaxVtTj4KHoK7eD1XnPGlZxCx121TaxFt9bOepDoyhvylTzrJeAPLorTI_AOJnOzA-9mtjEvr1lj9blhp9Q_2kJ9gVgu6sfi5qEOfJJbsHmkLPM53yhdQtI3Ljll9WKgb5ZJN2tFYh7NgUMmzp7dCeXTtbnpUOru2nn4NFlYaVjGOWa7QPeis

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 21:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ;MID=179018;type=v959fb862;placementID=1998711;setID=593294;channelID=0;CID=536014;BID=521006504;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-a... Show response
ads.securityweek.com/adserve/ 0
341 B 13ms
13ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;MID=179018;type=v959fb862;placementID=1998711;setID=593294;channelID=0;CID=536014;BID=521006504;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;mt=1683149019796809;hc=78132631eec7afd249bf64cb05f26322770048bd

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.46.202.116.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 21:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 account_config_4.1.html Show response
my.justuno.com/ajax/ 4 KB
2 KB 150ms
149ms Script
application/json 2606:4700::6811:ca35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.justuno.com/ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=A230AE4D-581E-411F-ACCB-A081243B2697&p=0&cm=0&pl=40
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:ca35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecbc91caef45d6527347392a7e67754c5e7e3cf8c99395bf0d387fb1fe4dc8c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:41 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: EXPIRED
last-modified: Wed, 03 May 2023 14:23:41 PST
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; Charset=UTF-8
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
cache-control: no-store,private
cf-ray: 7c1b9105ed0e038e-FRA
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 03 May 2023 21:23:41 GMT

GET
H2 200 findp Show response
aly.justuno.com/api/session/ 1 KB
799 B 129ms
128ms Script
application/javascript 2606:4700::6811:ca35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aly.justuno.com/api/session/findp?callback=jsonFindCallback&accid=A230AE4D-581E-411F-ACCB-A081243B2697&genhash=&device_static_hash=&userid_hash=&pageId=p468ky&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.63%20Safari%2F537.36&sw=1600&sh=1200
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b3007af92595e58a805e7cf7b525d84dbcc232939ce1593ac45c93585fadfa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:23:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DAV, content-length, Allow
access-control-allow-credentials: true
cf-ray: 7c1b9105ed725b44-FRA
access-control-allow-headers: X-CSRF-Token, x-rover-source, origin, x-requested-with, content-type, accept, cache-control
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 store_4.1.html Show response
cdn.justuno.com/ Frame FE9D 2 KB
1019 B 37ms
37ms Document
text/html 2606:4700::6811:ca35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justuno.com/store_4.1.html?v=5.63
Requested by: Host: cdn.justuno.com
URL: https://cdn.justuno.com/mwgt_4.1.js?v=5.63
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:ca35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=700000
cf-cache-status: DYNAMIC
cf-ray: 7c1b9106ddfc038e-FRA
content-encoding: br
content-type: text/html
date: Wed, 03 May 2023 21:23:41 GMT
last-modified: Tue, 31 Mar 2020 15:31:26 GMT
server: cloudflare
vary: Accept-Encoding
x-77-cache: HIT
x-77-nzt: AcO1rw5Jdmj/X/wAAA
x-77-nzt-ray: 9083393024af12e9ddd05264991f0311
x-77-pop: frankfurtDE
x-accel-date: 1683084414
x-age: 64607
x-amz-id-2: 9uRIVV2zDdy3QpmHGM+dqeGc/pkC1NPkc6aIUrXwvtLlV1YQUNCJWVoHyHF3uefP5ggedEr3SaU=
x-amz-request-id: DN4VP7Q6JAXPYMME
x-amz-version-id: n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-cache: HIT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304270101&jk=3270492465931875&bg=!v7ylvOjNAAYcDqajPA47ADkAdvg8WtLfuWhmQT_2_IqpPEui97ulDKvf6uvgcPKqR79cqb3L5zkRk16leUMniDyUaVgbGF96aqgCAAABUFIAAAAFaAEHCgACVT-ZAu0j_hXE9yvXi7w7im4zGx1FAOr-1MkzvyTUjFViyefgmg-2g3iAy8JBzq2mhjPCMQRP_FtqFoQO8m00u2p1nD2SzgcR577B6_qv-TWbUST0l13hGeN50EngwrSQ0rsOZLMe0P-HkBmM56zWtotXZYS9WC6rtk5K9yyHABSVscz-CeMKhZcxSIWbqL3s2Vd3oONAInm835Fy7uRD6K_jxNYZ2G_fuIlh69fynrXPslV6ByAuDxwF2oucBD6xNvk_I89zj39o-ZpmBN8NXOFrWHS8v33LoEhZSayvbKanf-ln4aUaAtFSXteixlDghy8CYEzIdBrhJESKNYDUapzLJEYsN2GIZNZT7nqv21gGxmGquCIS2chHPS2hoQiJs5ReOSxYS1TzCMQicZFMQ7SmN8dSFC63fuvKmLftfVUNZbEZOhp1QZb1Budp9Pn7t_fcBYV7b7tCsewg62X4lXtWmImOt3vQpNHFHh1Li_ZiMhecKCwAhhg5Y-tBOZsntbB0qwerYQE6WHxmyeIOvAqNQS4DK2ctBW2ft2tE7Od2GclVahyybQMz7y1cf-bF6dmTT8azuLq4SJeJRYeIPK0agg7P33epxcoPKbOGf0GvetDHJqO8Hf0bZkIm99Yr6BTFEIHR5HKRWTDulRB9YbqEmetLKogSRmX7vBp0jdWHT_QO3Vuw4JPLIepAQ1kE6PYUfgqm5TWJoEoMXWkEAj2VK3J9wKNLi08Ij68LsINSXTeqEhNqVk1epMPf9d1ndFqpddw8G6S4D0g3U1iW5Pray6NAaJFR-cSATyftLr5kCB6z2YsKaZuAIZKf7YY5SPoX0p2R23oAbLJQ6PEiXGonxc7WDF2CJba-uQpWonwEW51tIPzUCVPpGgIUvYD6qPDyY5eRxTzxmCDIpRrLszVu8FucqIrZW3lfdVyXVCIqZADzozMYZBDWJCypkI-Z21n-ric1fSHB_uNCgvABlDN3kofr4mcFhzVqBYjJUyd00Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

387 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.securityweek.com/	1970-01-20 11:32:30	Name: _ju_v Value: 4.1_5.63
.securityweek.com/	1970-01-20 11:33:55	Name: _ju_dm Value: cookie
.securityweek.com/	1970-01-20 12:15:41	Name: _ju_dn Value: 1
.securityweek.com/	1970-01-20 21:08:29	Name: _ga_9QV8NZWNBC Value: GS1.1.1683149019.1.0.1683149019.0.0.0
.securityweek.com/	1970-01-20 21:08:29	Name: _ga_M1YM36C8RW Value: GS1.1.1683149019.1.0.1683149019.0.0.0
.securityweek.com/	1970-01-20 21:08:29	Name: _ga Value: GA1.2.262825012.1683149020
.securityweek.com/	1970-01-20 11:33:55	Name: _gid Value: GA1.2.211247091.1683149020
.securityweek.com/	1970-01-20 11:32:29	Name: _gat_gtag_UA_11590534_1 Value: 1
.securityweek.com/	1970-01-20 20:54:05	Name: __gads Value: ID=1ce860d6e54b6e3e:T=1683149019:S=ALNI_MbsH973rKCdLK2eHhrl5uOS-Pc1Bg
.securityweek.com/	1970-01-20 20:54:05	Name: __gpi Value: UID=00000bf52633d20d:T=1683149019:RT=1683149019:S=ALNI_MZ7hEdHvG-2-beYgEtFZAjUiVhjKg
.doubleclick.net/	1970-01-20 20:54:05	Name: IDE Value: AHWqTUn76_8DJfAtC60WFYkZC1NEriFUueFVc_LpH5GwMrVp1Wq3dUoAQ0s9-85M2wg
.hubspot.com/	1970-01-20 11:32:30	Name: __cf_bm Value: lP9PbjAPgsyWFWF_rMRwGiUwv7cBVcFCVledij45WUw-1683149020-0-AR8++ZhOL40+tC8G55iaaqcQ2LXbdrqNUMkc5zZ0nSm/oVoEwPe4g8MD7+V5JwYxKH4k6ApLU84JmtrQ0vheGx4=
disqus.com/	1970-01-20 11:32:30	Name: __jid Value: 2sdbjrsosr9i
.disqus.com/	1970-01-20 20:18:05	Name: disqus_unique Value: 2sdbk1c290bm9t
aly.justuno.com/	1970-01-20 11:32:30	Name: __cflb Value: 0H28w1Xe92a6MDGAYhusqbdskXm88bFcSdAhTbecfrM
my.justuno.com/	1970-01-20 11:32:30	Name: __cflb Value: 04dToS6decDvtn94xCUC2uayerbxCZAP5QjHNCiw25
.securityweek.com/	1970-01-20 20:18:05	Name: _ju_dc Value: c69e2634-e9f8-11ed-82d6-2555c2108ffb
.securityweek.com/	1970-01-20 11:32:30	Name: _ju_pn Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 109) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5b305362616ed8f3d8985e68445241db.safeframe.googlesyndication.com
ad.doubleclick.net
ads.securityweek.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
aly.justuno.com
c.disquscdn.com
cdn.justuno.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
googleads4.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
my.justuno.com
pagead2.googlesyndication.com
referrer.disqus.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
securityweek.disqus.com
static.cloudflareinsights.com
tpc.googlesyndication.com
track.hubspot.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.securityweek.com
116.202.46.88
142.250.185.226
151.101.0.134
172.217.18.6
199.232.192.134
199.232.196.134
2001:4860:4802:34::36
2600:9000:2127:a400:6:8656:f5c0:93a1
2606:4700:20::6818:a003
2606:4700::6810:3865
2606:4700::6810:8cce
2606:4700::6811:69c7
2606:4700::6811:ca35
2606:4700::6811:d6f3
2606:4700::6812:18c4
2606:4700::6812:853b
2606:4700::6813:9a53
2606:4700:e2::ac40:840f
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:802::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
02a3597511c39017b74f5436f545edf5482733b105da6012b77e4793ab552caa
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0
0803977e647dbdb41c98b4318386f697591604f184a59fcafec52ffba1f6bdef
0978438d354ec5e681207be25f53c69b24700125938105927de69dc0e55bcd48
0cba790b81c23147daa2889a77c361abb77e0406c977fa171ca326d4167c6cca
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
15f8c4e92ee10d8a0de4cf218c6539722d0f721147cb1526972120af64163005
19fe4427547b3eaaf3444e6d437bb6a708120750f54e5fef4f80a0b2cd6a9e36
22bb1253ebf8405c69bdf9d628ab472e02e1f6a06d3eb07bd171494f6c3b6aea
24ca94366d2777c45544e38e8592d63ee8fcc89b406bc3fe717a514512508a85
24f823b76d559f40b10d0fd1373ea500341a4db528842ea36821bc6fe80c1621
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2fdcf2fbd7dda2f266495e01b4674118fee5cafab182b60f05cc9c0cf7af1536
31a70ac053fb9095fecfab31d7fed0ee075826150483ba25283082f960f5c8ca
31a744fa9edc0679b21ad6995ac00235711cb9e9b67d474300d595921205eeb5
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
35fa213f71b954999771aef54be9c8a4c7d793353ea3f575cb116d00dd58f2b9
36380ba65c78f1e8a6ee7fd115d7053e7e0ba33f4a5fa1c79d05042fc5db85b0
37f724a365094e5859ef50dba7afe3764412c6cc9931a8abd7d9dc85751fd881
410648e2f3fdc08aab90de8ce3fffcc71d7d41c5b6c61aae829e6d93c6d69127
41514feeb38f4f3d0fcc41d00d04c744e0e534930b030ca6efc0eedb892022ea
42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f
42f8505b4b6d5476091672c8ebc27d1ed2b9d21a68890145135578a6737ef053
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4bc22b30a54e2fd4b2ef83c667b6d04357c856e22f63c8579b94dc36ae65a04c
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4ca2039a328b8430658284ee603ab8b1a8554e7e35afae2a094ea9838af9f60e
4cd14927179cd88891fae3057a4ce4a7cf499af73f65c3b2e83f32e1598c0288
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58f638229d16d32db54b5c1662f7984265ef130cf59d9dede54134ad308403dc
5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27
5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0
5f50b7e2dd83cfd38b606d2eb70bcb99dd4d4c462295db0baecaeabe7812e8f7
5fd5b33467ba3a9686c1203cbf6a0fd26526e5dfd695a0df98436727046294a3
60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643e504c5417068283c7ba2a2e348b0f6c12da9e7b328470424453466d69efa1
657dc3d75177e47f9575635ae97cb34696e8f4a2248dddd63a68c07d974af271
67e380395b14a5ac48faabd1838b4e6fd75b01682364f987dc8948975838837c
6a4630a6958a0f1f9c6d0edb7ec416432ab81b4cdb90d6fb98df76c54356a2f4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3007af92595e58a805e7cf7b525d84dbcc232939ce1593ac45c93585fadfa5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6c901589464078e8efb414f1e48d5a3fd1ca8aed43450c723ddb0b7243b34283
6d5db554f7ae65713d70fd359a046d051dada869941279557a39d0749beded33
6f237806964c3aa6317cc801d4f166fd4a98cd79b29cf1a9e3ffd8177bd1595f
706e4d8669d29a9e13cfb13a59b6c1341ec80a08c9c10eaa465756366006f327
71a9929c39f7b0020a343a7cd3685ae547fba1f21596f7982ed2c1ded802be03
7590f56a90d2c95748709c79aa95dc41e31a7f7b5c76c1ae082ed649ac144ac4
75f751319345ade1b95ef07dbf0edd015aed2f9c9d4ec764e2e8fb7919aed929
794a3f88df27cdece064dcaa4ce73387648f766d52210b1b20cf2f50e974b8ff
798d10a2358bf2bb2383db429dbd3872c61623eae564f5ec4b35cebe16e8d3ee
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7c0a4f44a2dd7257ec37979b04d0a2457a6f619c8bae53db9580e10b6be862ab
7d5bf3f8dc9d9dcd608393de3bd8afbeedd5077039b595aaba4529064dbcbe89
7d9b7ee9ae860b2f27e08578dacc166269ab838417994fb62c568ff40245b5a3
7e201396d9731753c710feaf9f81f1a5405b0650bd4dd9ffac1f8a0ac654808d
7e423a106197def7cbfe1ae2142caf48a39478ddfd3e4e81b7cb033db5bea3c1
809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6
82f855dfdf46bd5db6c2f95de7bad134c2bf5562c79af27c525c96fe0a5bb7be
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
8e59456a560f58d0b6b7934bfc06e0b2faee5d61e2bdb10eef541dd66bfebe0d
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
9039dd5a379b030cfc05b6fd664d70cc64657e5a26a093f7a08111b4e3bb9f97
91bbc128851e65442a70a7e12e55068d75d7e9b0514c5c9cb7c15fe770cf8899
94869cbea530d3ccee76f59d50ce4bd7be8022c00788ea1440ff4f1be7175aee
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
989934f975edb65dc96fce979cc86bf8d5a9453e6113df99622609381ce175d5
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9b0020ab4cca7d9878d71044bafe6009ebaab352d76008043055406b834ec815
9d7c24cb3877d3352b2f3f29ad6e2aee0418556546acaf0dd5c9bcda16f55e0c
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9f84d0f2e23ebc9a3110529d50b9f83e99068e754b20c81ff8fcf7f078503aa0
a2ed84e7439fcfc9413459689f32ef5283f153846a8d8514900ca149fe578dc5
a38230d94874811a66ddf273ad03483e6a15b50b784198c15679afb6fccd61b7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c265751e99ab43911ed9b660e7c451eb90d90a2be7d13b4a594e816781cd36
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a7c860a1505343bc4dc80a473bfe23f625da447d71af4db67b529065295d5171
a83f279ffab2866365df78e9244339e46d7752b13e43db75ca5200f9a0ec07e3
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ac21f306d6e92ea70d7e771b3f34e2ac02fd04959e9ae585b90f3ddbad08b6c9
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ad59b3c437a380375b4205e22d9bf50856690b094d2fa425ae90971f5b58758e
ad6168938d636056b60aae51f74696f4f5505f60ae84203f0098e5e9174b5498
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
afa9c32be463f8f904da58a52ffdd8e60d68273959cae633bd89efbb27fa5b64
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b7c91227ed1cf1d83d32996e4e61a4f77dbdbbc9920a3a29f5ab522d237c74b7
b8a21212da46ecc2d209c89b9418b91470bf3f43cd571aa0675772c83fe33d24
b8dbf228fd3b96810997d6d3e8b9e55e4b183cf9e3c8abe9407fcf1ad58a6979
b9c358163c9330587ecaf732269ef24fb4198cbb2e010b61e7eb8d2a3b3d94e6
bbf94e5438333ae008e9b742cf1dd74dd310f7385ebe6f9ef4fdc82976de34a6
bcbee8d0dfeb5ae5d45ebe336b39d0c06453cdbd6bd4876c0afa5e5677a5abfb
bec0d00465c31b7c81d472a0a97037327c190cecfa064553a2b1a4c1054781b1
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2e7e1df5aa596aa4afbf50374723963b66d3c94348d1410f2256d4aa86ddbaf
c47493311effe3020f3e9d2d1efc214fbd84861a1b7410ce17dc9d24273b6911
c54ab568b73e88af409e7615e9c6730d701234ebe9d64b131a08fccb0bef3deb
c6a6ecd56ebd86c4bf8099f38d4acebb360dce6b8ed3b8beebf34e9845510033
c8c4b25a2805ccc0965cfc2d230fc3b7d0279221cb7a5450e4fda06f65510a94
c901e4c09c6bc073c66983e5740b7769d3ff9f40c8018caafe08ddd625fc41df
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb6d935c5494a7d6121e463f319ac4882f805d38989d6dac70ec84a29a203d2e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd3179714cc77f87b3275aecc5901867606b239d2f8d7f6a287c1a9800ff0021
cf01342c724e6c0d84e911d3451b078576a3208c7300378ef80138089e6d79e9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b1517dc148ec4fdcceacae881103ffa7e54e74c32c7dcde5cdc9826ea735de
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
da343c70bf28bee6a1a9238dd5147b190b675a523e525e9a52b2bd9aaf48e4e1
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
dbf7c9bddb9ee180560fa0a36e9d0713aeb6357dd8f79ee9ab31bb9246655136
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcd22cd76b0dfdc4558fd949219aca26d17b0cffa231785d3d2647d6c717e25d
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd6ecb2de64d9421f1cb5aeb28b25f287199206649273449573bc73a20b413f2
e15814c40decf74f25403bda7f3455c62393bfbc6710555dec7534dd2de6b739
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2f925db6119917230e885b016055a6a324d33b10585d5c7f106665ec157754e
e368aa1d25be75f399a6d6c4f6dffe8db319cb1abe581dedeb11acfa6b4a21d0
e3a7daf9f3668bd95752cd0e89d438e15814ec6a0081a56dc2627e5f2ff52a13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e504e9f649813734dd00f332c49ad8a7b96929b4ee751f8b69c87599c98d23dc
e592c6b2e3819e7031fe3de8cc419d76860debb304aacc26c5c8f44c23c7f990
e71d11284fe33d09fe11d031d1517b0383750bc5dba2faf77e87f42a609a1b68
e78ed0e5ab0b7d12dd54b82b6003c649cfadc34b59232079b48c22fa6b62eac8
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb41ef9e6332a0b821af92ea91c67628c0fe5f1b00b19f935b759fee9fdda231
ec99dd07af5b4a5e3b072e941d355bdbfa1db688555cd4100ab61caa2b0bc25d
ecbc91caef45d6527347392a7e67754c5e7e3cf8c99395bf0d387fb1fe4dc8c0
ee5d15d9b1f5bfa5869678f288b9e829239f719ec5cb4ff8345979eb9001870c
f02c04333073962e773be1b3e14a616eb1331ea5a13fd4d8b2fb314e5f3b9684
f1ad56a192cfb796852af711e1326b02a9af338326a60fe291ca65fe8763ddda
f2914edb33157588c8d440c36f1ea06652c133febd1719a344d79d078ec6c41a
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f571c328bd231ff14cd9c95370611470bbac73e21049be50798855c0321df307
f5a9492d83cec1c6c5002992016d131fcfac3631d3d5e9fca0943efe5073971c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6eb5ef4c0396d414989f07f743d2b5d4bd434e9c3d70d74c9639098b81a492c
f7b4f4c6aced0be2cc9004285b53f58cf62f74012a321e86938f12719fe1113a
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
fa433b899311f6fcb718687df51be730a5a7a3c6ce4dc2474ff26a383307b2ca
fb4bd4419d686ab440d7ceb2101dcd4155b4f18a12c99052a44fb503c349afed
fb766742b2e7121a6a1311b9ace1563913d6c8be2f8b3ef24b8f0410402e3757

www.securityweek.com Open in urlscan Pro 2606:4700:20::6818:a003 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

190 Requests

100 %HTTPS

81 %IPv6

22 Domains

35 Subdomains

31 IPs

2 Countries

3087 kBTransfer

7119 kBSize

18 Cookies

21 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.securityweek.com Open in urlscan Pro
2606:4700:20::6818:a003 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

100 %
HTTPS

81 %
IPv6

22
Domains

35
Subdomains

31
IPs

2
Countries

3087 kB
Transfer

7119 kB
Size

18
Cookies

190 HTTP transactions
0 data transactions