URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Submission Tags: @nominet_threat_intel rnt-timestamp reference_article_link confidence_high cluster_90236453
Submission: On October 30 via api from GB — Scanned from GB

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 68 HTTP transactions. The main IP is 52.223.52.2, located in United States and belongs to AMAZON-02, US. The main domain is hunt.io.
TLS certificate: Issued by WR1 on October 2nd 2024. Valid for: 3 months.
This is the only time hunt.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
  • 54 framerusercontent.com | framerusercontent.com (Cisco Umbrella Rank: 26990) | 1 MB
  • 9 hunt.io | hunt.io, app.hunt.io | 420 KB
  • 4 framer.com | events.framer.com (Cisco Umbrella Rank: 37544), framer.com (Cisco Umbrella Rank: 35418) | 8 KB
  • 1 google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 3643)
  • 1 framerstatic.com | app.framerstatic.com (Cisco Umbrella Rank: 182747) | 20 KB
  • 1 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 107 KB
68 6

Domain | Requested by
  • 54 framerusercontent.com | hunt.io, framerusercontent.com
  • 8 app.hunt.io | hunt.io
  • 2 framer.com | 2 redirects
  • 2 events.framer.com | hunt.io, events.framer.com
  • 1 region1.google-analytics.com | www.googletagmanager.com
  • 1 app.framerstatic.com | hunt.io
  • 1 www.googletagmanager.com | hunt.io
  • 1 hunt.io
68 8

This site contains links to these domains.

Domain
app.hunt.io
blog.talosintelligence.com
x.com
timeline.app
www.linkedin.com

Subject | Issuer | Validity | Valid
  • hunt.io | WR1 | 2024-10-02 - 2024-12-31 | 3 months
  • *.google-analytics.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
  • framerusercontent.com | Amazon RSA 2048 M02 | 2023-12-18 - 2025-01-14 | a year
  • events.framer.com | Amazon RSA 2048 M03 | 2024-04-09 - 2025-05-07 | a year
  • framerstatic.com | Amazon RSA 2048 M02 | 2024-09-22 - 2025-10-20 | a year

This page contains 1 frames:

Primary Page: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Frame ID: F2865619A7A02970A63173EFC50DA4CF
Requests: 69 HTTP requests in this frame

Page Title

Suspected DPRK Phishing Campaign Targets Naver; Separate Apple Domain Spoofing Cluster Identified

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

  • 68 Requests
  • 97 % HTTPS
  • 67 % IPv6
  • 6 Domains
  • 8 Subdomains
  • 9 IPs
  • 2 Countries
  • 1806 kB Transfer
  • 6142 kB Size
  • 2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://framer.com/m/phosphor-icons/Sun.js@0.0.53 HTTP 302
  • https://framerusercontent.com/modules/wp6xzA2QrHTqCWJAsoKa/Hyhw8DdNtDxDqd366SY7/Sun.js
Request Chain 45
  • https://framer.com/m/phosphor-icons/Moon.js@0.0.53 HTTP 302
  • https://framerusercontent.com/modules/qdFz1d7MF7d8Wsxrv3Ew/tbOlJ2GGWCCiI25KWvfU/Moon.js

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request dprk-phishing-targets-naver-apple-domain-spoofing
hunt.io/blog/
618 KB
47 KB
Document
General
Full URL
https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.52.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0b1d980e1f2226c6.awsglobalaccelerator.com
Software
Framer/4d5d6b1 /
Resource Hash
15fedb6da4ddc1eb32d60d16041279eba9d17932a97ccdcbb8e5cdd2ca984a78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
48148
content-type
text/html
date
Wed, 30 Oct 2024 16:58:35 GMT
etag
"df012adef0b3b1f98699ee2fa759f770"
last-modified
Tue, 29 Oct 2024 18:16:52 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Framer/4d5d6b1
server-timing
region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="4d5d6b1"
strict-transport-security
max-age=31536000
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
321 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CKJY21YJ7N
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54e32daec6aecbd605f9181ebdfb3c5e7694ab56215376fc841fb0df862ce06e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 30 Oct 2024 16:58:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 16:58:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108996
x-xss-protection
0
server
Google Tag Manager
chunk-BRHGLVGE.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
655 KB
186 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-BRHGLVGE.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
b3c0a8d78fa457cf1b9f8981443f6e3dd48c0f3ea36f4080bb4a99be4f2244e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"4c5be723ec074bca8219b6704b1c4910"
x-amz-version-id
GZ2Y9eCGRh1_QOW6aQOtadHIJj7Ab29z
age
77310
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
DAY90E6ISoeDU7NDh8-jDfYaXsZcjXvppIbV5YJiY1rjg8e8dZEfoQ==
date
Tue, 29 Oct 2024 19:30:07 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:43 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="DAY90E6ISoeDU7NDh8-jDfYaXsZcjXvppIbV5YJiY1rjg8e8dZEfoQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-RIUMFBNJ.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
447 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-RIUMFBNJ.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
etag
"30ed32fa3444df726bb60d89113cf478"
x-amz-version-id
vYavs6UabxhB5PKPh4VT.q026xitGK6K
age
3791678
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
-axi29B6NW-6-7nRxxx72BDwu48zfIOJuzGhYWU4E2RDMl5xD68QbQ==
date
Mon, 16 Sep 2024 19:43:59 GMT
content-type
text/javascript
last-modified
Mon, 16 Sep 2024 15:39:52 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="-axi29B6NW-6-7nRxxx72BDwu48zfIOJuzGhYWU4E2RDMl5xD68QbQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
447
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
Iymjj8QC5OxAta8Q0AowEU0LdJkH5QSbZAHFTDYtfw0.JZOQWO4S.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
374 KB
50 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/Iymjj8QC5OxAta8Q0AowEU0LdJkH5QSbZAHFTDYtfw0.JZOQWO4S.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
cac79b70762d24f5044627d08bfeeaa5159818faad69510785e083e972a09a56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"8dea0a87682fc0f76845997a227c05f2"
x-amz-version-id
CmQNNHf6qpew0S1jDFK1jpVEP6yW34.u
age
77310
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
uwVUWMB73jWgO0neBEsjhV6JOhhMx9CtjkfK87bw4wVm4hM1Yfs1Gg==
date
Tue, 29 Oct 2024 19:30:07 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:42 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="uwVUWMB73jWgO0neBEsjhV6JOhhMx9CtjkfK87bw4wVm4hM1Yfs1Gg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-6KTT6SL4.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
269 KB
66 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-6KTT6SL4.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a4f3a379322bb9c5360a052d8a495fc2c051c50cb555709c6ed192319fb0d5cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"d6b27ea7482af4b32dcdcce38518e57c"
x-amz-version-id
Dbljv6TYZkN3wAUcGOJXWqJWAqMpHVj_
age
77310
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ije0Vh7QaRtkRfOgQv88ktig7dKjJtRLrG4drrLp0cfNIbA6F7aRFA==
date
Tue, 29 Oct 2024 19:30:07 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:42 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="ije0Vh7QaRtkRfOgQv88ktig7dKjJtRLrG4drrLp0cfNIbA6F7aRFA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-IQJXJS56.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
2 MB
462 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-IQJXJS56.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0d483fb31b7baa932fb38d9e974bcca41a9ecfa605e0d540b66e54e39fe69f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"31dd62f5e78dc021748cb2e226a1a631"
x-amz-version-id
ha0.ZQo2WOP80YQTROckWsD0vmO7dcYH
age
1118252
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
FSAKEHxw4kOaR3iUNZMyczJ0J6fZSeuaEc-D_dt0pDP0Z4uTcL2QaQ==
date
Thu, 17 Oct 2024 18:21:05 GMT
content-type
text/javascript
last-modified
Thu, 17 Oct 2024 17:21:59 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="FSAKEHxw4kOaR3iUNZMyczJ0J6fZSeuaEc-D_dt0pDP0Z4uTcL2QaQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-3ME57NXH.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
383 KB
56 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-3ME57NXH.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
3569b8a6e3750bc93e11a3ca27d9401dedd4e3c01dd103ce600701c5aa8a7644
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"9ebfce4d5d30fc2859c4259e518c7aa3"
x-amz-version-id
PXKLvytZ59eW5eOkm463z0lrVw19qKLA
age
77309
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
43zSE0H6lEsR9sNMKx5JTHX4YDxlQseydmgyobXJDpM0Gzsmgoa87Q==
date
Tue, 29 Oct 2024 19:30:08 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:43 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="43zSE0H6lEsR9sNMKx5JTHX4YDxlQseydmgyobXJDpM0Gzsmgoa87Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-FA2GKZZO.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
55 KB
18 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-FA2GKZZO.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0c253af9ff017366c20986580d2b691ee64d2f1d6b72c7f9bca37c4f0566d750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"a6f9acfc3c4f339a1cf0ebb2cb4916cd"
x-amz-version-id
nSbSiLzTLPEMPX9CVdzOdBzAmfJcSZjI
age
77310
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
K0T8lsG4c6GlgbwDpm8pWE1Spf9WUYgw-TUgCkpXUXrKGxCTtwS8lQ==
date
Tue, 29 Oct 2024 19:30:07 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:43 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="K0T8lsG4c6GlgbwDpm8pWE1Spf9WUYgw-TUgCkpXUXrKGxCTtwS8lQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-Z4MFCI6W.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
22 KB
5 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-Z4MFCI6W.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4e443533af81a7c83887b03d9131a2cf8fcb15abc09182092b97680712a307e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"1171c44e08b6e55f5cae2c136567620c"
x-amz-version-id
4PMNRr49aycxEMcdb2zjKAEsxHFb2QDP
age
77310
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
gF1r3gRapJh6BGUuwnn6ByGSGKZdbjGtvmDt5g8MZvihvHx5Cyak1Q==
date
Tue, 29 Oct 2024 19:30:07 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:42 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="gF1r3gRapJh6BGUuwnn6ByGSGKZdbjGtvmDt5g8MZvihvHx5Cyak1Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-7I2KAQD4.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
145 KB
21 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-7I2KAQD4.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
85f1d3f01630886cd28fa5692c3623b46ac90c9c542b1dcef576df083b9d7a79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"4aa7c9af16b05f2376d5a840e9336c68"
x-amz-version-id
HEW0gojn8i0qbiPY1hPQ2qAYOTSWA8j3
age
77310
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
6J5YzsvpBsxwjR1auvgVaDB7XQRi2WwLsZ56Z-1yJjK2oOCbAuYX0A==
date
Tue, 29 Oct 2024 19:30:07 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:42 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="6J5YzsvpBsxwjR1auvgVaDB7XQRi2WwLsZ56Z-1yJjK2oOCbAuYX0A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-6RY7DBXU.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
781 B
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-6RY7DBXU.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6d95e599752655cd85ea4c6b0ff0f4ec11c0c9a5820eab8ed11f130d42583f46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
etag
"d79a3fa56dac83192a72a269380fc043"
x-amz-version-id
BWG3QYLMPFLItJFsBSRTNpgSLoKWGrKN
age
53044
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ajFqhE6_FlDGaaiIbPJxL1jXCcNQfRpP_UiOqzj0yJbScGwrYen-dA==
date
Wed, 30 Oct 2024 02:14:33 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:42 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="ajFqhE6_FlDGaaiIbPJxL1jXCcNQfRpP_UiOqzj0yJbScGwrYen-dA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
781
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-GPRLDQDE.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
3 KB
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-GPRLDQDE.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
550a12a417b7883808ec6b46613d9facb78a41a1b9b54178015fb3524522f298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"04e2d6f72b2db18166ee6dd660192cd7"
x-amz-version-id
KN7b1f42C9VyY4Y_iya2yO3aG0VbAtzo
age
77310
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
w1yy_YDv9SkZySNTYnd7Wy5Y4ELirZnuAba4xA3HEULx2783egI_Xw==
date
Tue, 29 Oct 2024 19:30:07 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:42 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="w1yy_YDv9SkZySNTYnd7Wy5Y4ELirZnuAba4xA3HEULx2783egI_Xw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-5VRCTFII.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
9 KB
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-5VRCTFII.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7384377f4cda893eaf96df5f70be20da235295660d309327311075e09a799ee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"90d0a7255c9ff7a805697a8064f3a354"
x-amz-version-id
jb8qaIjViMS7Sq93rBZkAzTQgSRGJHf5
age
77310
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
B1fa95Hf2HwNeXLHVDcHjoke04yoqD1TJtFIP45MKrmtYCZojoNwvA==
date
Tue, 29 Oct 2024 19:30:07 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:43 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="B1fa95Hf2HwNeXLHVDcHjoke04yoqD1TJtFIP45MKrmtYCZojoNwvA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-SCWS33JG.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
20 KB
5 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-SCWS33JG.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c4656f0e9c861256b00b6311ad1782864a51064922693d4abff1edbd7e6821f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"9cb729df8cec9894e9493a5f44960e93"
x-amz-version-id
Y.eh4kk6ZqZu5rBfaXCaZcSQYOXZwsi.
age
77310
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
12EhbYJSpquFwZdDeyyLIrdLNLMKBBOzngBpDK5U_xwuYPnNHmTopw==
date
Tue, 29 Oct 2024 19:30:07 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:43 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="12EhbYJSpquFwZdDeyyLIrdLNLMKBBOzngBpDK5U_xwuYPnNHmTopw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-NEMGGZRN.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
700 B
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-NEMGGZRN.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
aa251e81a67abeaecc0b740e3091f29ae61698620bb70ad94aaead3edc22261f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
etag
"298eecb6f82dad1d59f910ecd4977ae7"
x-amz-version-id
3S.CcRCj.nb6p4us9sC4wA01ft8QV6WW
age
52926
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
lbGHKfoj4NsHXgt-9FcaliTCxHemW85lWaOBPAJQhbL3YIwna-qSKA==
date
Wed, 30 Oct 2024 02:16:31 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:43 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="lbGHKfoj4NsHXgt-9FcaliTCxHemW85lWaOBPAJQhbL3YIwna-qSKA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
700
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-ARDUNPSV.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
4 KB
3 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-ARDUNPSV.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
5f6925062f6334638bb2b32e84c16e512414deee53ad570a9ca6b5d5cefea5ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"173c27fc70d5229ec751bf81fda12c85"
x-amz-version-id
eyyplwh8WE2mczykwIPQQ7cjLuxIJnCP
age
77310
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
YHitIeSNJwZms7IIZOAaCIUVAoubXnQQkahcKrH-4V5wabLv2ZH4kw==
date
Tue, 29 Oct 2024 19:30:07 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:43 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="YHitIeSNJwZms7IIZOAaCIUVAoubXnQQkahcKrH-4V5wabLv2ZH4kw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
script_main.3UCHYFFP.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
12 KB
7 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.3UCHYFFP.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
bc4f1b9c389477af59ee276da5b8c7a83f2fa78cf93d81c0468efc3f162710b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"6f7dd1ef4bec9d8383bbc3ab9ccb2b83"
x-amz-version-id
VIAXNHw44ms3NLMi_okhGU9Ro7r1P1ew
age
77310
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
xw5C4_M9LP80fNR7lXdX6q8PJPmM-GVQSPJ0QrCFkbZYtb8P7RHUwg==
date
Tue, 29 Oct 2024 19:30:07 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:43 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="xw5C4_M9LP80fNR7lXdX6q8PJPmM-GVQSPJ0QrCFkbZYtb8P7RHUwg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
script
events.framer.com/
18 KB
7 KB
Script
General
Full URL
https://events.framer.com/script
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-68.muc50.r.cloudfront.net
Software
/
Resource Hash
89e61318afc569842f98ccd196ff7cfbb36ec69bad3af935dd5c7149b494fde4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length
18177
timestamp
Wed, 30 Oct 2024 16:55:28 GMT
content-encoding
gzip
x-amz-apigw-id
AeTViEULoAMEZNw=
x-amzn-trace-id
Root=1-672265bc-193224ce46bd36cf6bdc7888
x-amzn-requestid
0fb6314d-c1d4-4320-83c1-a0980801e5b7
via
1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
6204
x-amz-cf-id
b7sf4lp-oLHfkLceQu7UoXJcLJAppJ7-w-NDBwKaj_R4Y6IPaian7w==
date
Wed, 30 Oct 2024 16:58:36 GMT
content-type
text/javascript
x-amz-cf-pop
MUC50-P4
qsFdZ2P3hl21t1QMO3A2TpBkE.webp
framerusercontent.com/images/
39 KB
40 KB
Image
General
Full URL
https://framerusercontent.com/images/qsFdZ2P3hl21t1QMO3A2TpBkE.webp
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e89ba678abe5f2c8b73c3385d7a1c99bf785bbf8143574627b65ea535f3eb218
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"29104b57da7f4ef353eef8510d0de9b2"
age
96671
x-content-type-options
nosniff
x-amzn-requestid
61e809ca-52e9-487b-9aa3-0cf37f73e757
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
nZo_o18yJMv2xti4vfR9XFeLZL3kOWXx48eLmxWqrroQMNvx57-5MA==
date
Tue, 29 Oct 2024 14:07:25 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="nZo_o18yJMv2xti4vfR9XFeLZL3kOWXx48eLmxWqrroQMNvx57-5MA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-6720ec1d-72eff6ec430ecd6954b60a25;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
51efjmRovFsjZMClijKip8G0tqA.webp
framerusercontent.com/images/
12 KB
13 KB
Image
General
Full URL
https://framerusercontent.com/images/51efjmRovFsjZMClijKip8G0tqA.webp?scale-down-to=512
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
52d3d229833e7e09e5c6fdb3aaf2567bf1c4f3d392516321d82d3044ef5e18fc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"7c16933b0adf74db37d6f053cd283bd6"
age
783171
x-content-type-options
nosniff
x-amzn-requestid
f10ded2c-7b03-44da-aab2-631e6d5edaa0
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
V8TtSs9rboGIBIbVZyD-XVLCHH6wF62rJoxAGVd_4YSqirMEwIoDog==
date
Mon, 21 Oct 2024 15:25:45 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="V8TtSs9rboGIBIbVZyD-XVLCHH6wF62rJoxAGVd_4YSqirMEwIoDog==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-67167278-578ad50866bbd1ed0659d3d0;Parent=67a2e11af2b96694;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
a2V1lZc6ASK8uOxU5yj9R4gifc.webp
framerusercontent.com/images/
10 KB
11 KB
Image
General
Full URL
https://framerusercontent.com/images/a2V1lZc6ASK8uOxU5yj9R4gifc.webp?scale-down-to=512
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f2f232a78c891e1da92b565c7e268bece33c8dea013f11aab6ca1b378f900de2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"c0eac56d40c3eb138ea68e1647d1b0e4"
age
1123797
x-content-type-options
nosniff
x-amzn-requestid
e42297d5-e147-4ce4-931a-b0c2e85cd56d
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
4H5ashVTIX1LrNZH7mMpn_Ag5hxd2GLSwHtUJ64KnpJUjNSOLs6M4A==
date
Thu, 17 Oct 2024 16:48:39 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="4H5ashVTIX1LrNZH7mMpn_Ag5hxd2GLSwHtUJ64KnpJUjNSOLs6M4A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-67113fe5-2d152a5f2e7fbd7a744099a2;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
MbuqI7u5HCUaLo4OQVdLhiImU.webp
framerusercontent.com/images/
13 KB
14 KB
Image
General
Full URL
https://framerusercontent.com/images/MbuqI7u5HCUaLo4OQVdLhiImU.webp?scale-down-to=512
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
13d30d543967632ad4d7d6446df75f1afa5eec211817db6ff2a6cb4f11dd13ae
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"304dea2721467f782fadf835bde49b0a"
age
1296380
x-content-type-options
nosniff
x-amzn-requestid
cdad97db-2ace-4ee6-89d9-0813c10217d7
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Zsn1uO2ZgiaRYi_S6BCt5UTABjoonSxWQ4uqvtXl5LOr94emciCfvg==
date
Tue, 15 Oct 2024 16:52:16 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="Zsn1uO2ZgiaRYi_S6BCt5UTABjoonSxWQ4uqvtXl5LOr94emciCfvg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-670e9dc0-6d7992066310d16144bf93c6;Parent=6e3a534019427bed;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
fOXtYSvzsNlw0tzPVKMsf72n0.png
framerusercontent.com/images/
24 KB
25 KB
Image
General
Full URL
https://framerusercontent.com/images/fOXtYSvzsNlw0tzPVKMsf72n0.png?scale-down-to=2048
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e1d4e429bec9bc36a28143018ae0400faee2ea7ffe9442942794e016a094220c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"a5fd6921c78d186fd22e12abbea6a593"
age
12891673
x-content-type-options
nosniff
x-amzn-requestid
9df5ba47-2ec8-4bec-96e9-11a9fef30e48
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
IHeEmk8idA_CAl-URl7-KCDkX1dwEdxvyr_qJC2P2jNM_sgJynTb8g==
date
Mon, 03 Jun 2024 11:57:23 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="IHeEmk8idA_CAl-URl7-KCDkX1dwEdxvyr_qJC2P2jNM_sgJynTb8g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
root=1-665dafa2-42d508f768a18ae373bdb131;sampled=1;lineage=f456f256:0
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
truncated
/
248 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
1903ee47f38fb5a0b56ce197b51aa0e1be80b22ab3afcd1a466eb1ee536aa8b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
1ZFS7N918ojhhd0nQWdj3jz4w.woff2
framerusercontent.com/assets/
27 KB
28 KB
Font
General
Full URL
https://framerusercontent.com/assets/1ZFS7N918ojhhd0nQWdj3jz4w.woff2
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
cc324555c1cd681a59c27be1eda61da587d17bf71cc1ed8aa3e4a51e77907685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
3000
etag
"9a2dbfafd3686aa72cb303a41be28527"
x-amz-version-id
FhKj_VGbf4ha4CqtjcCeHMQzi9fH8cVU
age
9173552
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
KuUjZ4dgk7u4B9bFtZ-ruDn76hHcAG62YkaRJHvBFwIhejcMCFq2qg==
date
Tue, 16 Jul 2024 12:46:05 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 14:12:44 GMT
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="KuUjZ4dgk7u4B9bFtZ-ruDn76hHcAG62YkaRJHvBFwIhejcMCFq2qg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
28004
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
aws:kms
Inter-Medium.latin-Y3IVPL46.woff2
app.framerstatic.com/
19 KB
20 KB
Font
General
Full URL
https://app.framerstatic.com/Inter-Medium.latin-Y3IVPL46.woff2
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:fa00:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c861d136456a64c9c5619e9fa7c37c80144ea5d8879d88554c1f8abaaae891bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
3600
etag
"f366e7b832c6d0e8a2038665895c0762"
x-amz-version-id
null
age
18110730
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
aC-7YDDXvPHMsko9CFQjnkL0AcFHXP2JDSZITtWop1CCXvhoR_5XLw==
date
Thu, 04 Apr 2024 02:13:07 GMT
content-type
font/woff2
last-modified
Wed, 03 Apr 2024 22:12:41 GMT
x-frame-options
deny
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, immutable
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 4b3ef7616dbf62f98d54524f0218face.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
19904
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
vQyevYAyHtARFwPqUzQGpnDs.woff2
framerusercontent.com/assets/
27 KB
28 KB
Font
General
Full URL
https://framerusercontent.com/assets/vQyevYAyHtARFwPqUzQGpnDs.woff2
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4107b11930c4eef1f6ae5a76d441562e6d21a601f1781f37fd085542cd87412b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
3000
etag
"a14a424239fd9cb2e305f2243b1f6177"
x-amz-version-id
SH9la86RvjI0NEj8MqfrPHVtgDnLUhAV
age
9173387
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ToJfjrM13cgHgPPqiipja0AVo-7OQIo8ExTABIQM3OBg1GNKfOpwOA==
date
Tue, 16 Jul 2024 12:48:50 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 14:12:38 GMT
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="ToJfjrM13cgHgPPqiipja0AVo-7OQIo8ExTABIQM3OBg1GNKfOpwOA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
27404
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
aws:kms
DXD0Q7LSl7HEvDzucnyLnGBHM.woff2
framerusercontent.com/assets/
27 KB
28 KB
Font
General
Full URL
https://framerusercontent.com/assets/DXD0Q7LSl7HEvDzucnyLnGBHM.woff2
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2dc968863319a6f57e6428a7b4c292ae254d3e462b5f23f71bab492317067d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://hunt.io/

Response headers

access-control-max-age
3000
etag
"757ca4a792b8c7bbe09f6e6cee76e727"
x-amz-version-id
bCCG3uSnAgT3MLzz1ZSQU2cVkYB4Lve.
age
9173552
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
kNQZIZBmzhP1X1buFvV6pfQY4QNveSIYEvZkfgWTbX_6NNG7VwkCtg==
date
Tue, 16 Jul 2024 12:46:05 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 14:11:33 GMT
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="kNQZIZBmzhP1X1buFvV6pfQY4QNveSIYEvZkfgWTbX_6NNG7VwkCtg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
27992
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
aws:kms
figure_1_open_directory_and_snippet_of_file_contents_on_the_server.webp
app.hunt.io/images/blogs/suspected-dprk/
93 KB
93 KB
Image
General
Full URL
https://app.hunt.io/images/blogs/suspected-dprk/figure_1_open_directory_and_snippet_of_file_contents_on_the_server.webp
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f93ab3ee2a08551ac16ea836ed75f14c5c9e47529336b9b4e1c05a91471cef03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

cf-cache-status
HIT
etag
"6720b4f4-17290"
age
142
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WulusRHWqNvthf68AQ6MfArdhOb9smvDmtPOmU3xmpaOKaLRcmyWDfTh91IT0U8kBka3x3yq9on8caRHvtuQ%2BQUNk5YQvvndTatUB%2FDb6Lcd6zsMtJxCnLZAy6EMo7Lt%2F7VNg4VHgmC"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Wed, 30 Oct 2024 16:58:36 GMT
content-type
image/webp
last-modified
Tue, 29 Oct 2024 10:12:04 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
strict-transport-security
max-age=31536000; includeSubdomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dacf379ae7a52d6-LHR
accept-ranges
bytes
content-length
94864
x-xss-protection
1; mode=block
server
cloudflare
figure_2_open_directory_ip_address_overview_including_domains_and_ports.webp
app.hunt.io/images/blogs/suspected-dprk/
98 KB
98 KB
Image
General
Full URL
https://app.hunt.io/images/blogs/suspected-dprk/figure_2_open_directory_ip_address_overview_including_domains_and_ports.webp
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e62e3b39fd38c8e0d817ecf0846f086be9497b42ccc1bce20975c3a51d99931
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

cf-cache-status
HIT
etag
"6720b4f4-1862c"
age
142
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xP1q1R97nqZMhrWKIEgIDQKOwe4hF%2BjvlKhGX5%2FY%2FuuJ8Kizuay4LswW5E9sp8NyyavIEAn7ov%2F%2FSTF3BEqDiGEQpb0MrRG%2B8qm61HCrX8gC%2BpRAYBohE1oUptubp7XGFiUDi7qCHp30"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Wed, 30 Oct 2024 16:58:36 GMT
content-type
image/webp
last-modified
Tue, 29 Oct 2024 10:12:04 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
strict-transport-security
max-age=31536000; includeSubdomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dacf379ae7852d6-LHR
accept-ranges
bytes
content-length
99884
x-xss-protection
1; mode=block
server
cloudflare
figure_3_http_headers_of_port_80_after_clicking_the_magnifying_glass_on_the_ip_overview_page.webp
app.hunt.io/images/blogs/suspected-dprk/
103 KB
104 KB
Image
General
Full URL
https://app.hunt.io/images/blogs/suspected-dprk/figure_3_http_headers_of_port_80_after_clicking_the_magnifying_glass_on_the_ip_overview_page.webp
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77932109d2b049f98284a4b1d281d0881d0b51c714611e834607f3cde44e1324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

cf-cache-status
HIT
etag
"6720b4f4-19df0"
age
142
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wXpETb29E3NKKkwSGVzIaWNvRxOr3aro6%2Bfl2g7ilOfhpDvAeOhsLxSMTOarciuxEc%2Fs3siZ3z%2B0udCiPhxMeByXvgiH%2FaJVt2T56W9jHt4yiuYpt4rmMd3UlvjDtZsKyDJP87czhWp8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Wed, 30 Oct 2024 16:58:36 GMT
content-type
image/webp
last-modified
Tue, 29 Oct 2024 10:12:04 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
strict-transport-security
max-age=31536000; includeSubdomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dacf379ae7652d6-LHR
accept-ranges
bytes
content-length
105968
x-xss-protection
1; mode=block
server
cloudflare
figure_4_screenshot_of_the_open_directory_displaying_the_change_cookie_and_login_folders.webp
app.hunt.io/images/blogs/suspected-dprk/
77 KB
78 KB
Image
General
Full URL
https://app.hunt.io/images/blogs/suspected-dprk/figure_4_screenshot_of_the_open_directory_displaying_the_change_cookie_and_login_folders.webp
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa5d2ff11b9db8d013246abbfe4df5e2b26fe50d4fd765c2cd879631656e0799
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

cf-cache-status
HIT
etag
"6720b4f4-13522"
age
142
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yUSK43E4TalG%2BzpFtPNzqrbOr6jQ%2Fpkwka%2BJw6%2Fc3vkrUIiL4M7Gu8QZxdolMIUTZYzs5rQERk9WExKSKx50GKJR52meywCSc4Iw03pp78XUqtCv0%2FAwVB%2FwXktn3Oybtas33gsHfuPp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Wed, 30 Oct 2024 16:58:36 GMT
content-type
image/webp
last-modified
Tue, 29 Oct 2024 10:12:04 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
strict-transport-security
max-age=31536000; includeSubdomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dacf379be8b52d6-LHR
accept-ranges
bytes
content-length
79138
x-xss-protection
1; mode=block
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CKJY21YJ7N&gtm=45je4as0v9166211784za200&_p=1730307516254&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=1038820538.1730307517&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730307516&sct=1&seg=0&dl=https%3A%2F%2Fhunt.io%2Fblog%2Fdprk-phishing-targets-naver-apple-domain-spoofing&dt=Suspected%20DPRK%20Phishing%20Campaign%20Targets%20Naver%3B%20Separate%20Apple%20Domain%20Spoofing%20Cluster%20Identified&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=465
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CKJY21YJ7N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://hunt.io
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 16:58:36 GMT
content-type
text/plain
server
Golfe2
qsFdZ2P3hl21t1QMO3A2TpBkE.webp
framerusercontent.com/images/
39 KB
0
Image
General
Full URL
https://framerusercontent.com/images/qsFdZ2P3hl21t1QMO3A2TpBkE.webp
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e89ba678abe5f2c8b73c3385d7a1c99bf785bbf8143574627b65ea535f3eb218
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"29104b57da7f4ef353eef8510d0de9b2"
age
96671
x-content-type-options
nosniff
x-amzn-requestid
61e809ca-52e9-487b-9aa3-0cf37f73e757
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
nZo_o18yJMv2xti4vfR9XFeLZL3kOWXx48eLmxWqrroQMNvx57-5MA==
date
Tue, 29 Oct 2024 14:07:25 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="nZo_o18yJMv2xti4vfR9XFeLZL3kOWXx48eLmxWqrroQMNvx57-5MA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-6720ec1d-72eff6ec430ecd6954b60a25;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
qsFdZ2P3hl21t1QMO3A2TpBkE.webp
framerusercontent.com/images/
15 KB
16 KB
Image
General
Full URL
https://framerusercontent.com/images/qsFdZ2P3hl21t1QMO3A2TpBkE.webp?scale-down-to=512
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
73ce0021575a72cc4e664e19052d94dcc66cd1b48d4a641146db8cdf05553b9c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"05fb3664c780f2502fa6f0d094adda81"
age
97918
x-content-type-options
nosniff
x-amzn-requestid
21b2a07f-2d44-4b32-8301-16073fa7bd57
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
pGvKw7voW8VZ4Ul_hYbJ91ZDW_wPxH-dJcnK1-SuSZruJbmJyylc8g==
date
Tue, 29 Oct 2024 13:46:39 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="pGvKw7voW8VZ4Ul_hYbJ91ZDW_wPxH-dJcnK1-SuSZruJbmJyylc8g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-6720e73e-3a1da3d4430c170a2acd83e4;Parent=4ef9b5fd6f5e0f8e;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
51efjmRovFsjZMClijKip8G0tqA.webp
framerusercontent.com/images/
12 KB
0
Image
General
Full URL
https://framerusercontent.com/images/51efjmRovFsjZMClijKip8G0tqA.webp?scale-down-to=512
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
52d3d229833e7e09e5c6fdb3aaf2567bf1c4f3d392516321d82d3044ef5e18fc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"7c16933b0adf74db37d6f053cd283bd6"
age
783171
x-content-type-options
nosniff
x-amzn-requestid
f10ded2c-7b03-44da-aab2-631e6d5edaa0
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
V8TtSs9rboGIBIbVZyD-XVLCHH6wF62rJoxAGVd_4YSqirMEwIoDog==
date
Mon, 21 Oct 2024 15:25:45 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="V8TtSs9rboGIBIbVZyD-XVLCHH6wF62rJoxAGVd_4YSqirMEwIoDog==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-67167278-578ad50866bbd1ed0659d3d0;Parent=67a2e11af2b96694;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
a2V1lZc6ASK8uOxU5yj9R4gifc.webp
framerusercontent.com/images/
10 KB
0
Image
General
Full URL
https://framerusercontent.com/images/a2V1lZc6ASK8uOxU5yj9R4gifc.webp?scale-down-to=512
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f2f232a78c891e1da92b565c7e268bece33c8dea013f11aab6ca1b378f900de2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"c0eac56d40c3eb138ea68e1647d1b0e4"
age
1123797
x-content-type-options
nosniff
x-amzn-requestid
e42297d5-e147-4ce4-931a-b0c2e85cd56d
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
4H5ashVTIX1LrNZH7mMpn_Ag5hxd2GLSwHtUJ64KnpJUjNSOLs6M4A==
date
Thu, 17 Oct 2024 16:48:39 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="4H5ashVTIX1LrNZH7mMpn_Ag5hxd2GLSwHtUJ64KnpJUjNSOLs6M4A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-67113fe5-2d152a5f2e7fbd7a744099a2;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
MbuqI7u5HCUaLo4OQVdLhiImU.webp
framerusercontent.com/images/
13 KB
0
Image
General
Full URL
https://framerusercontent.com/images/MbuqI7u5HCUaLo4OQVdLhiImU.webp?scale-down-to=512
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
13d30d543967632ad4d7d6446df75f1afa5eec211817db6ff2a6cb4f11dd13ae
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"304dea2721467f782fadf835bde49b0a"
age
1296380
x-content-type-options
nosniff
x-amzn-requestid
cdad97db-2ace-4ee6-89d9-0813c10217d7
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Zsn1uO2ZgiaRYi_S6BCt5UTABjoonSxWQ4uqvtXl5LOr94emciCfvg==
date
Tue, 15 Oct 2024 16:52:16 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="Zsn1uO2ZgiaRYi_S6BCt5UTABjoonSxWQ4uqvtXl5LOr94emciCfvg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-670e9dc0-6d7992066310d16144bf93c6;Parent=6e3a534019427bed;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
fOXtYSvzsNlw0tzPVKMsf72n0.png
framerusercontent.com/images/
24 KB
0
Image
General
Full URL
https://framerusercontent.com/images/fOXtYSvzsNlw0tzPVKMsf72n0.png?scale-down-to=2048
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e1d4e429bec9bc36a28143018ae0400faee2ea7ffe9442942794e016a094220c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"a5fd6921c78d186fd22e12abbea6a593"
age
12891673
x-content-type-options
nosniff
x-amzn-requestid
9df5ba47-2ec8-4bec-96e9-11a9fef30e48
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
IHeEmk8idA_CAl-URl7-KCDkX1dwEdxvyr_qJC2P2jNM_sgJynTb8g==
date
Mon, 03 Jun 2024 11:57:23 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="IHeEmk8idA_CAl-URl7-KCDkX1dwEdxvyr_qJC2P2jNM_sgJynTb8g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
root=1-665dafa2-42d508f768a18ae373bdb131;sampled=1;lineage=f456f256:0
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
anonymous
events.framer.com/
0
380 B
Ping
General
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-68.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://hunt.io/

Response headers

x-amz-apigw-id
AeTVpGlcoAMEi7w=
x-amzn-trace-id
Root=1-672265bd-420cd11370c6b557063712ea;Parent=6b1c44e9f6fd0226;Sampled=0;Lineage=1:c457ad49:0
x-amzn-requestid
7ec7504b-8987-45d7-8992-5467f74a0761
via
1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
4TAXOX9xUrGutulu6Jv-cOD59arGUbV0Fsu_r0CI55IQnOyiUdFQww==
date
Wed, 30 Oct 2024 16:58:37 GMT
content-type
application/json
x-amz-cf-pop
MUC50-P4
wvsIsx8BB-indexes-default.framercms
framerusercontent.com/modules/drpNeVQopLY1P5khDike/TRuf7M4znHGRImkbLCZZ/
3 KB
3 KB
Fetch
General
Full URL
https://framerusercontent.com/modules/drpNeVQopLY1P5khDike/TRuf7M4znHGRImkbLCZZ/wvsIsx8BB-indexes-default.framercms
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-FA2GKZZO.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
37e3ff67c90f10e90d414b40509927bd48ab564cf938eef9772801dafdcf83e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=6001-8746
Referer
https://hunt.io/

Response headers

access-control-expose-headers
Content-Range
age
76175
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Qyt5rPC3ncEoSE6p5W-vfyNu_GiDX3hYSBRabrQd3fpf-QIekCMTrQ==
date
Tue, 29 Oct 2024 19:49:02 GMT
content-type
application/octet-stream
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="Qyt5rPC3ncEoSE6p5W-vfyNu_GiDX3hYSBRabrQd3fpf-QIekCMTrQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cache-control
public, max-age=604800, immutable
timing-allow-origin
*
Content-Range
bytes 6001-8746/227052
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
Content-Length
2746
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
psEar9BZHC3V1ST6mGHxVJQfBxc.png
framerusercontent.com/images/
391 B
1 KB
Other
General
Full URL
https://framerusercontent.com/images/psEar9BZHC3V1ST6mGHxVJQfBxc.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
/
Resource Hash
1444a7eaffad2eae4dd0999fb1fd4c308e51876b70db2c4f1181c8a038f1f859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"939ec6fdc5062f6529950c37ab817812"
age
13314131
x-content-type-options
nosniff
x-amzn-requestid
b0ac55ce-81d8-4ec5-a63d-b4e0230c1b65
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="Ls6cWG_tyYN9CV9_5W1W83YYS0a3klq6jQgZWCM5-WfdGL84dodN4A==",cdn-downstream-fbl=2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Wed, 29 May 2024 14:36:26 GMT
content-type
image/png
vary
Accept
x-amz-cf-id
Ls6cWG_tyYN9CV9_5W1W83YYS0a3klq6jQgZWCM5-WfdGL84dodN4A==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
root=1-66573d6a-4e285cd21e7c73b36b481c52;sampled=1;lineage=f456f256:0
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
wvsIsx8BB-chunk-default-0.framercms
framerusercontent.com/modules/drpNeVQopLY1P5khDike/TRuf7M4znHGRImkbLCZZ/
173 B
703 B
Fetch
General
Full URL
https://framerusercontent.com/modules/drpNeVQopLY1P5khDike/TRuf7M4znHGRImkbLCZZ/wvsIsx8BB-chunk-default-0.framercms
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-FA2GKZZO.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
/
Resource Hash
9689e32df89712327ec4dc710f53d9101f774b0f38a87c2f1c95cd6d008b3fb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=4-176
Referer
https://hunt.io/

Response headers

access-control-expose-headers
Content-Range
age
76175
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="AOnn3-SlFsnw99BIFdvln_hnVmGQbecpt-P4H8rsF686k2wCkBod3Q==",cdn-downstream-fbl=2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:49:02 GMT
content-type
application/octet-stream
x-amz-cf-id
AOnn3-SlFsnw99BIFdvln_hnVmGQbecpt-P4H8rsF686k2wCkBod3Q==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, immutable
timing-allow-origin
*
Content-Range
bytes 4-176/202137
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
Content-Length
173
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
wvsIsx8BB-chunk-default-dict.framercms
framerusercontent.com/modules/drpNeVQopLY1P5khDike/TRuf7M4znHGRImkbLCZZ/
31 KB
32 KB
Fetch
General
Full URL
https://framerusercontent.com/modules/drpNeVQopLY1P5khDike/TRuf7M4znHGRImkbLCZZ/wvsIsx8BB-chunk-default-dict.framercms
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-FA2GKZZO.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
/
Resource Hash
c3026d3007703e59b93c0bd3907dc4404c4505ca6f28ee05b1a00925ac5c7eac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

access-control-expose-headers
Content-Range
age
53038
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="wzsYjvLEzptENRT5oYdidksapx6TZMuN4jE8hu0jP7XteUvBbw7kSw==",cdn-downstream-fbl=2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:14:39 GMT
content-type
application/octet-stream
x-amz-cf-id
wzsYjvLEzptENRT5oYdidksapx6TZMuN4jE8hu0jP7XteUvBbw7kSw==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, immutable
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
32000
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
Sun.js
framerusercontent.com/modules/wp6xzA2QrHTqCWJAsoKa/Hyhw8DdNtDxDqd366SY7/
Redirect Chain
  • https://framer.com/m/phosphor-icons/Sun.js@0.0.53
  • https://framerusercontent.com/modules/wp6xzA2QrHTqCWJAsoKa/Hyhw8DdNtDxDqd366SY7/Sun.js
5 KB
2 KB
Script
General
Full URL
https://framerusercontent.com/modules/wp6xzA2QrHTqCWJAsoKa/Hyhw8DdNtDxDqd366SY7/Sun.js
Protocol
H3
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
/
Resource Hash
e77e2400288b5496592bb75f3d2c61871d947b1705f8a2d98c4bdea3a8ebbadd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://framerusercontent.com/

Response headers

access-control-expose-headers
Content-Range
content-encoding
br
age
582624
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="5VByuQwLUMTLv5Cg9Z_iQg4EfHjT6npVNj0OQzCRTbUufiChGhiiVQ==",cdn-downstream-fbl=2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 23:08:13 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-id
5VByuQwLUMTLv5Cg9Z_iQg4EfHjT6npVNj0OQzCRTbUufiChGhiiVQ==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, immutable
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5

Redirect headers

access-control-expose-headers
Content-Range
age
855
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
XoWVKKJagHUf2_wQtlJgE6IbXOcgSXMoS1KaFiYCqHwxWKdV-TR_qg==
date
Wed, 30 Oct 2024 16:44:22 GMT
content-type
text/html; charset=utf-8
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
location
https://framerusercontent.com/modules/wp6xzA2QrHTqCWJAsoKa/Hyhw8DdNtDxDqd366SY7/Sun.js
referrer-policy
strict-origin-when-cross-origin
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
109
x-xss-protection
0
x-amz-cf-pop
MUC50-P2
Moon.js
framerusercontent.com/modules/qdFz1d7MF7d8Wsxrv3Ew/tbOlJ2GGWCCiI25KWvfU/
Redirect Chain
  • https://framer.com/m/phosphor-icons/Moon.js@0.0.53
  • https://framerusercontent.com/modules/qdFz1d7MF7d8Wsxrv3Ew/tbOlJ2GGWCCiI25KWvfU/Moon.js
4 KB
2 KB
Script
General
Full URL
https://framerusercontent.com/modules/qdFz1d7MF7d8Wsxrv3Ew/tbOlJ2GGWCCiI25KWvfU/Moon.js
Protocol
H3
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
/
Resource Hash
cf51594b76c66c43206e9aa471baec6a92594ea6b8cbead1b40f445468de76e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://framerusercontent.com/

Response headers

access-control-expose-headers
Content-Range
content-encoding
br
age
549917
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="-pP1cXD_OduVZ_56sHJivGndRwGNtKboxhlwb-1bGURMRM8PutR_JA==",cdn-downstream-fbl=2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 08:13:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-id
-pP1cXD_OduVZ_56sHJivGndRwGNtKboxhlwb-1bGURMRM8PutR_JA==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, immutable
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5

Redirect headers

access-control-expose-headers
Content-Range
age
1274
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
c_bDMZ41U4esDFKPjLqgXDJUMPqzM-zbdHD38SsJDsIY6O5nAVKg3Q==
date
Wed, 30 Oct 2024 16:37:23 GMT
content-type
text/html; charset=utf-8
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
location
https://framerusercontent.com/modules/qdFz1d7MF7d8Wsxrv3Ew/tbOlJ2GGWCCiI25KWvfU/Moon.js
referrer-policy
strict-origin-when-cross-origin
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
110
x-xss-protection
0
x-amz-cf-pop
MUC50-P2
figure_1_open_directory_and_snippet_of_file_contents_on_the_server.webp
app.hunt.io/images/blogs/suspected-dprk/
93 KB
0
Image
General
Full URL
https://app.hunt.io/images/blogs/suspected-dprk/figure_1_open_directory_and_snippet_of_file_contents_on_the_server.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f93ab3ee2a08551ac16ea836ed75f14c5c9e47529336b9b4e1c05a91471cef03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

cf-cache-status
HIT
etag
"6720b4f4-17290"
age
142
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WulusRHWqNvthf68AQ6MfArdhOb9smvDmtPOmU3xmpaOKaLRcmyWDfTh91IT0U8kBka3x3yq9on8caRHvtuQ%2BQUNk5YQvvndTatUB%2FDb6Lcd6zsMtJxCnLZAy6EMo7Lt%2F7VNg4VHgmC"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Wed, 30 Oct 2024 16:58:36 GMT
content-type
image/webp
last-modified
Tue, 29 Oct 2024 10:12:04 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dacf379ae7a52d6-LHR
accept-ranges
bytes
content-length
94864
x-xss-protection
1; mode=block
server
cloudflare
figure_2_open_directory_ip_address_overview_including_domains_and_ports.webp
app.hunt.io/images/blogs/suspected-dprk/
98 KB
0
Image
General
Full URL
https://app.hunt.io/images/blogs/suspected-dprk/figure_2_open_directory_ip_address_overview_including_domains_and_ports.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e62e3b39fd38c8e0d817ecf0846f086be9497b42ccc1bce20975c3a51d99931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

cf-cache-status
HIT
etag
"6720b4f4-1862c"
age
142
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xP1q1R97nqZMhrWKIEgIDQKOwe4hF%2BjvlKhGX5%2FY%2FuuJ8Kizuay4LswW5E9sp8NyyavIEAn7ov%2F%2FSTF3BEqDiGEQpb0MrRG%2B8qm61HCrX8gC%2BpRAYBohE1oUptubp7XGFiUDi7qCHp30"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Wed, 30 Oct 2024 16:58:36 GMT
content-type
image/webp
last-modified
Tue, 29 Oct 2024 10:12:04 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dacf379ae7852d6-LHR
accept-ranges
bytes
content-length
99884
x-xss-protection
1; mode=block
server
cloudflare
figure_3_http_headers_of_port_80_after_clicking_the_magnifying_glass_on_the_ip_overview_page.webp
app.hunt.io/images/blogs/suspected-dprk/
103 KB
0
Image
General
Full URL
https://app.hunt.io/images/blogs/suspected-dprk/figure_3_http_headers_of_port_80_after_clicking_the_magnifying_glass_on_the_ip_overview_page.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77932109d2b049f98284a4b1d281d0881d0b51c714611e834607f3cde44e1324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

cf-cache-status
HIT
etag
"6720b4f4-19df0"
age
142
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wXpETb29E3NKKkwSGVzIaWNvRxOr3aro6%2Bfl2g7ilOfhpDvAeOhsLxSMTOarciuxEc%2Fs3siZ3z%2B0udCiPhxMeByXvgiH%2FaJVt2T56W9jHt4yiuYpt4rmMd3UlvjDtZsKyDJP87czhWp8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Wed, 30 Oct 2024 16:58:36 GMT
content-type
image/webp
last-modified
Tue, 29 Oct 2024 10:12:04 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dacf379ae7652d6-LHR
accept-ranges
bytes
content-length
105968
x-xss-protection
1; mode=block
server
cloudflare
figure_4_screenshot_of_the_open_directory_displaying_the_change_cookie_and_login_folders.webp
app.hunt.io/images/blogs/suspected-dprk/
77 KB
0
Image
General
Full URL
https://app.hunt.io/images/blogs/suspected-dprk/figure_4_screenshot_of_the_open_directory_displaying_the_change_cookie_and_login_folders.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa5d2ff11b9db8d013246abbfe4df5e2b26fe50d4fd765c2cd879631656e0799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

cf-cache-status
HIT
etag
"6720b4f4-13522"
age
142
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yUSK43E4TalG%2BzpFtPNzqrbOr6jQ%2Fpkwka%2BJw6%2Fc3vkrUIiL4M7Gu8QZxdolMIUTZYzs5rQERk9WExKSKx50GKJR52meywCSc4Iw03pp78XUqtCv0%2FAwVB%2FwXktn3Oybtas33gsHfuPp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Wed, 30 Oct 2024 16:58:36 GMT
content-type
image/webp
last-modified
Tue, 29 Oct 2024 10:12:04 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dacf379be8b52d6-LHR
accept-ranges
bytes
content-length
79138
x-xss-protection
1; mode=block
server
cloudflare
wvsIsx8BB-indexes-default.framercms
framerusercontent.com/modules/drpNeVQopLY1P5khDike/TRuf7M4znHGRImkbLCZZ/
518 B
1 KB
Fetch
General
Full URL
https://framerusercontent.com/modules/drpNeVQopLY1P5khDike/TRuf7M4znHGRImkbLCZZ/wvsIsx8BB-indexes-default.framercms
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-FA2GKZZO.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
/
Resource Hash
90e643930f7b657378eba85aa7feeb8a8780cbd801bca5f64b7bd06b44a22cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=11854-12371
Referer
https://hunt.io/

Response headers

access-control-expose-headers
Content-Range
age
76175
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="AtSdJChfm3fVVMa-Q3afHGK3H7ubIVQwNwdlvks4Uxq9T28FQ6PcQA==",cdn-downstream-fbl=2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:49:02 GMT
content-type
application/octet-stream
x-amz-cf-id
AtSdJChfm3fVVMa-Q3afHGK3H7ubIVQwNwdlvks4Uxq9T28FQ6PcQA==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, immutable
timing-allow-origin
*
Content-Range
bytes 11854-12371/227052
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
Content-Length
518
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
wvsIsx8BB-chunk-default-0.framercms
framerusercontent.com/modules/drpNeVQopLY1P5khDike/TRuf7M4znHGRImkbLCZZ/
8 KB
8 KB
Fetch
General
Full URL
https://framerusercontent.com/modules/drpNeVQopLY1P5khDike/TRuf7M4znHGRImkbLCZZ/wvsIsx8BB-chunk-default-0.framercms
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-FA2GKZZO.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
/
Resource Hash
eec8f1647558b7c5dbabea816de7a9eb5ff8947ba5f907a05767e988eef28fe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=177-8236
Referer
https://hunt.io/

Response headers

access-control-expose-headers
Content-Range
age
76175
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="mBTe_rV7U67j85B3JDqueniFKx2ZLX5E1eU-CNMQK1LWKqE1WvqZBg==",cdn-downstream-fbl=2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:49:02 GMT
content-type
application/octet-stream
x-amz-cf-id
mBTe_rV7U67j85B3JDqueniFKx2ZLX5E1eU-CNMQK1LWKqE1WvqZBg==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, immutable
timing-allow-origin
*
Content-Range
bytes 177-8236/202137
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
Content-Length
8060
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
qsFdZ2P3hl21t1QMO3A2TpBkE.webp
framerusercontent.com/images/
15 KB
0
Image
General
Full URL
https://framerusercontent.com/images/qsFdZ2P3hl21t1QMO3A2TpBkE.webp?scale-down-to=512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
73ce0021575a72cc4e664e19052d94dcc66cd1b48d4a641146db8cdf05553b9c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"05fb3664c780f2502fa6f0d094adda81"
age
97918
x-content-type-options
nosniff
x-amzn-requestid
21b2a07f-2d44-4b32-8301-16073fa7bd57
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
pGvKw7voW8VZ4Ul_hYbJ91ZDW_wPxH-dJcnK1-SuSZruJbmJyylc8g==
date
Tue, 29 Oct 2024 13:46:39 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="pGvKw7voW8VZ4Ul_hYbJ91ZDW_wPxH-dJcnK1-SuSZruJbmJyylc8g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-6720e73e-3a1da3d4430c170a2acd83e4;Parent=4ef9b5fd6f5e0f8e;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
51efjmRovFsjZMClijKip8G0tqA.webp
framerusercontent.com/images/
12 KB
0
Image
General
Full URL
https://framerusercontent.com/images/51efjmRovFsjZMClijKip8G0tqA.webp?scale-down-to=512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
52d3d229833e7e09e5c6fdb3aaf2567bf1c4f3d392516321d82d3044ef5e18fc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"7c16933b0adf74db37d6f053cd283bd6"
age
783171
x-content-type-options
nosniff
x-amzn-requestid
f10ded2c-7b03-44da-aab2-631e6d5edaa0
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
V8TtSs9rboGIBIbVZyD-XVLCHH6wF62rJoxAGVd_4YSqirMEwIoDog==
date
Mon, 21 Oct 2024 15:25:45 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="V8TtSs9rboGIBIbVZyD-XVLCHH6wF62rJoxAGVd_4YSqirMEwIoDog==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-67167278-578ad50866bbd1ed0659d3d0;Parent=67a2e11af2b96694;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
a2V1lZc6ASK8uOxU5yj9R4gifc.webp
framerusercontent.com/images/
10 KB
0
Image
General
Full URL
https://framerusercontent.com/images/a2V1lZc6ASK8uOxU5yj9R4gifc.webp?scale-down-to=512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f2f232a78c891e1da92b565c7e268bece33c8dea013f11aab6ca1b378f900de2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"c0eac56d40c3eb138ea68e1647d1b0e4"
age
1123797
x-content-type-options
nosniff
x-amzn-requestid
e42297d5-e147-4ce4-931a-b0c2e85cd56d
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
4H5ashVTIX1LrNZH7mMpn_Ag5hxd2GLSwHtUJ64KnpJUjNSOLs6M4A==
date
Thu, 17 Oct 2024 16:48:39 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="4H5ashVTIX1LrNZH7mMpn_Ag5hxd2GLSwHtUJ64KnpJUjNSOLs6M4A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-67113fe5-2d152a5f2e7fbd7a744099a2;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
MbuqI7u5HCUaLo4OQVdLhiImU.webp
framerusercontent.com/images/
13 KB
0
Image
General
Full URL
https://framerusercontent.com/images/MbuqI7u5HCUaLo4OQVdLhiImU.webp?scale-down-to=512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
13d30d543967632ad4d7d6446df75f1afa5eec211817db6ff2a6cb4f11dd13ae
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"304dea2721467f782fadf835bde49b0a"
age
1296380
x-content-type-options
nosniff
x-amzn-requestid
cdad97db-2ace-4ee6-89d9-0813c10217d7
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Zsn1uO2ZgiaRYi_S6BCt5UTABjoonSxWQ4uqvtXl5LOr94emciCfvg==
date
Tue, 15 Oct 2024 16:52:16 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="Zsn1uO2ZgiaRYi_S6BCt5UTABjoonSxWQ4uqvtXl5LOr94emciCfvg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-670e9dc0-6d7992066310d16144bf93c6;Parent=6e3a534019427bed;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
51efjmRovFsjZMClijKip8G0tqA.webp
framerusercontent.com/images/
48 KB
49 KB
Image
General
Full URL
https://framerusercontent.com/images/51efjmRovFsjZMClijKip8G0tqA.webp
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-BRHGLVGE.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
/
Resource Hash
466a4109aad7eac1b54590cea83d046585b5301c11a41ea83849b4068a43346c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hunt.io/

Response headers

etag
"08ac86caa816275882986d454a93c188"
age
782751
x-content-type-options
nosniff
x-amzn-requestid
df36b023-b3a1-4315-8296-29e5d17271f1
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="TKUXTaP6DpSyGBOKw1-AU5MFmGYDW2b78BIpZWc38pmh4jv_V0OPkw==",cdn-downstream-fbl=2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 15:32:46 GMT
content-type
image/avif
vary
Accept
x-amz-cf-id
TKUXTaP6DpSyGBOKw1-AU5MFmGYDW2b78BIpZWc38pmh4jv_V0OPkw==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-6716741c-637a655e7a87e2682aeaec7b;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
Jl3Kv7P-kDAXGrkG_Y3TePXcWEHsZdHVwzyhfgdi4S8.DRBJLRMU.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
97 KB
13 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/Jl3Kv7P-kDAXGrkG_Y3TePXcWEHsZdHVwzyhfgdi4S8.DRBJLRMU.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.3UCHYFFP.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
6971fd2c872016de6cfb40a4c3ad33f7f3bbd0726183d3e39e27ecc27dfe9ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.3UCHYFFP.mjs

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"57750f6669c9ebf073ff0809ab211b11"
x-amz-version-id
eWH_0DXWYEkdaPaTEcXuvMDEfBiYZYY0
age
76178
access-control-allow-methods
GET
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="S7lIsguECXPIVauwkRM9S6_ZBOhryap3VBoLi2JzrHKuRcz6jjJnjw==",cdn-downstream-fbl=1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:49:00 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:43 GMT
vary
Accept-Encoding,Origin
x-amz-cf-id
S7lIsguECXPIVauwkRM9S6_ZBOhryap3VBoLi2JzrHKuRcz6jjJnjw==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
7nvGry3j3Lagr-bg62UjsuCR3FSPZpCnVv74AGlBIsA.ZNIR4OJ7.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
40 KB
7 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/7nvGry3j3Lagr-bg62UjsuCR3FSPZpCnVv74AGlBIsA.ZNIR4OJ7.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.3UCHYFFP.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
04bff0b6196f9feac6cbae99a3cee1cf12b43285c7740834fa1e92fe3cd62170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.3UCHYFFP.mjs

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"319f97e5b9e06dc460b10e8ece7a8518"
x-amz-version-id
RNAW7b1XDatkOIY1Xx7rM_0d9I9ucMbG
age
76176
access-control-allow-methods
GET
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="VuubEJMaqxlE_CfFp26uN5LJIiJwpDxFtE57Qq7Nj_SRXbh6bLJvlw==",cdn-downstream-fbl=1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:49:03 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:42 GMT
vary
Accept-Encoding,Origin
x-amz-cf-id
VuubEJMaqxlE_CfFp26uN5LJIiJwpDxFtE57Qq7Nj_SRXbh6bLJvlw==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
IRjHrVtXgP8DqdxJJgDLnPoSfU8pf44r2kULtOIir38.2UUNEI3K.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
45 KB
8 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/IRjHrVtXgP8DqdxJJgDLnPoSfU8pf44r2kULtOIir38.2UUNEI3K.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.3UCHYFFP.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
23ed5c219209a3894397f462089ee3f96888d2088dbd79e0849c466afe9d6ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.3UCHYFFP.mjs

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"4ec53adf4caa47e08d6c009e132f8850"
x-amz-version-id
wHmrHU8VWzwC7IvWWeR073OhgnvdsCWC
age
76176
access-control-allow-methods
GET
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="DAg1hZ_hZm6kt2aw8QCMtcURU_kRw5SAekezUKQTYgn3RL8NSV7V9Q==",cdn-downstream-fbl=1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:49:03 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:42 GMT
vary
Accept-Encoding,Origin
x-amz-cf-id
DAg1hZ_hZm6kt2aw8QCMtcURU_kRw5SAekezUKQTYgn3RL8NSV7V9Q==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
uGlNsLGsxLbZSRZ1mvzu3m0ZuvxWi0UMM-zLyu4GSN4.B5FKVOL4.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
74 KB
11 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/uGlNsLGsxLbZSRZ1mvzu3m0ZuvxWi0UMM-zLyu4GSN4.B5FKVOL4.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.3UCHYFFP.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
5f45e05da879513cdb6a64445cc22ea6119056de7d3273e7d3ad5ce1c9d11759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.3UCHYFFP.mjs

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"90f601036cfbda4981e209fb191cb0bb"
x-amz-version-id
NfYUp6w5hwxETSp42e75TYEvI.530K5B
age
76176
access-control-allow-methods
GET
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="rZqGIHgpxX0uOBYjbRZbWjFEtW6pjjMepfWoGTHqoCGGhUTCN8aiEw==",cdn-downstream-fbl=1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:49:03 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:43 GMT
vary
Accept-Encoding,Origin
x-amz-cf-id
rZqGIHgpxX0uOBYjbRZbWjFEtW6pjjMepfWoGTHqoCGGhUTCN8aiEw==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
pRiwASxP9OJsmj9eXZodYhMZRAVY5w9eI5HAcshw2Vw.23N7ESBF.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
87 KB
12 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/pRiwASxP9OJsmj9eXZodYhMZRAVY5w9eI5HAcshw2Vw.23N7ESBF.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.3UCHYFFP.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
bef869465447d7e42d4f6f8954a8f7f18b7abd57706021f484129773f390808c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.3UCHYFFP.mjs

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"0f8aff653604ef3eaa08c267a42ec2ab"
x-amz-version-id
CTabRL3lR0jVCaw6s9dDL6S.5rxV7Te_
age
77308
access-control-allow-methods
GET
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="DHibvynJbEy-xU1nvA8rghAfVJcHdUyX6fWOmiky7l--ZYcAy8_zRg==",cdn-downstream-fbl=1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:30:11 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:42 GMT
vary
Accept-Encoding,Origin
x-amz-cf-id
DHibvynJbEy-xU1nvA8rghAfVJcHdUyX6fWOmiky7l--ZYcAy8_zRg==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-6UFG4TWW.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
1000 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-6UFG4TWW.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
219b4e34e707365a8236438d5af4504120f284b523d95eb63c05bba3f0aa4b0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/7nvGry3j3Lagr-bg62UjsuCR3FSPZpCnVv74AGlBIsA.ZNIR4OJ7.mjs

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"0396206f2839e31813dd35bf14a510a4"
x-amz-version-id
77JN3E.pM1U7.kRtwyEie9YA_sgbIo1b
age
4782076
access-control-allow-methods
GET
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="hFIbBuAPwk5PrQk0b_EOkwCspHJNGrsDTd5e_K1DWoSQNm4oRnL8Ow==",cdn-downstream-fbl=2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Thu, 05 Sep 2024 08:37:23 GMT
content-type
text/javascript
last-modified
Wed, 04 Sep 2024 17:18:27 GMT
vary
Accept-Encoding,Origin
x-amz-cf-id
hFIbBuAPwk5PrQk0b_EOkwCspHJNGrsDTd5e_K1DWoSQNm4oRnL8Ow==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-3OHOHP5K.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
1 KB
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-3OHOHP5K.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
85423271cadc50e7a8873249d3ece6c62b3180112ac657e66347ce4241d31dc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/Jl3Kv7P-kDAXGrkG_Y3TePXcWEHsZdHVwzyhfgdi4S8.DRBJLRMU.mjs

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"0d3db3f4c9f52ed4383abbcc60719616"
x-amz-version-id
RGc_Ws_DDVt19gqO4V500uKpAg8wxHba
age
76178
access-control-allow-methods
GET
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="QpLkWMyPnGH1SrFnB4zQ9wjpVqjx12MBA5bz6e1iFTfaR8Z-jucpYQ==",cdn-downstream-fbl=2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:49:00 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:43 GMT
vary
Accept-Encoding,Origin
x-amz-cf-id
QpLkWMyPnGH1SrFnB4zQ9wjpVqjx12MBA5bz6e1iFTfaR8Z-jucpYQ==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-T5EFLHWR.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
996 B
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-T5EFLHWR.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
b8d271456844cdc4afcb7f243e38180242a9c4f66aadc2b09cafc0fa008f9e5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/IRjHrVtXgP8DqdxJJgDLnPoSfU8pf44r2kULtOIir38.2UUNEI3K.mjs

Response headers

access-control-max-age
0
etag
"3a1dc2e88c88fcf981796246d967d8a5"
x-amz-version-id
CZHlBa7eioFzGQsGcb3y2VH.t7qN_XWG
age
4782076
access-control-allow-methods
GET
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="ZkaI-nK8yWg7M3z9YOJSt2_LJJVXPIVag1VrooyrMQuGOau4bbmgDA==",cdn-downstream-fbl=3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Thu, 05 Sep 2024 08:37:23 GMT
content-type
text/javascript
last-modified
Wed, 04 Sep 2024 17:18:28 GMT
vary
Origin
x-amz-cf-id
ZkaI-nK8yWg7M3z9YOJSt2_LJJVXPIVag1VrooyrMQuGOau4bbmgDA==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
996
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-2MP2Z6KV.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
993 B
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-2MP2Z6KV.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
20f16f669e39ddc2f4fce46463481ec43157c6d23258ec2f59f32a23c3d66a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/pRiwASxP9OJsmj9eXZodYhMZRAVY5w9eI5HAcshw2Vw.23N7ESBF.mjs

Response headers

access-control-max-age
0
etag
"a0270dad90dd051af03ad27f756ce88b"
x-amz-version-id
Xa6i0f68HFqGuYAYsjcBEL8VNbvS_6X7
age
515301
access-control-allow-methods
GET
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="By-81iK_TLkv1F1dfWfkeDBLvxrLqp3yrrDcPRhz5ZrR10bs0BIBDQ==",cdn-downstream-fbl=1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 17:50:18 GMT
content-type
text/javascript
last-modified
Thu, 24 Oct 2024 17:21:26 GMT
vary
Origin
x-amz-cf-id
By-81iK_TLkv1F1dfWfkeDBLvxrLqp3yrrDcPRhz5ZrR10bs0BIBDQ==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
993
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-ATTCZDHB.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
16 KB
4 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-ATTCZDHB.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
372893f593530258795d31b8a005b37a94703d02f26cc89ac85b6d856d7239fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/pRiwASxP9OJsmj9eXZodYhMZRAVY5w9eI5HAcshw2Vw.23N7ESBF.mjs

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"7f9163d590fdfe1f27f36422ffe40ef2"
x-amz-version-id
44LVJ3QeVND71.rndrTb.GLH7P8UcPFy
age
77307
access-control-allow-methods
GET
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="sClzVyNg9Hw_atv19U01_BLOgPQ8vVhdJ53fpM7SaexVnKVwO3E7zQ==",cdn-downstream-fbl=1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 19:30:12 GMT
content-type
text/javascript
last-modified
Tue, 29 Oct 2024 18:16:42 GMT
vary
Accept-Encoding,Origin
x-amz-cf-id
sClzVyNg9Hw_atv19U01_BLOgPQ8vVhdJ53fpM7SaexVnKVwO3E7zQ==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-2GYV7IVM.mjs
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/
933 B
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-2GYV7IVM.mjs
Requested by
Host: hunt.io
URL: https://hunt.io/blog/dprk-phishing-targets-naver-apple-domain-spoofing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-106.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
195e5840ca8966eb3ab97a9eb1582e7375d49810416f043dd8378af918367b9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hunt.io
Referer
https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/uGlNsLGsxLbZSRZ1mvzu3m0ZuvxWi0UMM-zLyu4GSN4.B5FKVOL4.mjs

Response headers

access-control-max-age
0
etag
"24298ba8391c7d23a5170e0e38318a28"
x-amz-version-id
4vGIXYTq8ueJqN572Ig7jiu.3n5EU9ic
age
4265470
access-control-allow-methods
GET
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="j6avDCQVspKzvaTzYcwA6Dd2CfTvIXTabF0t738Xr-GnUytYHi8qsw==",cdn-downstream-fbl=1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Sep 2024 08:07:29 GMT
content-type
text/javascript
last-modified
Tue, 10 Sep 2024 13:03:14 GMT
vary
Origin
x-amz-cf-id
j6avDCQVspKzvaTzYcwA6Dd2CfTvIXTabF0t738Xr-GnUytYHi8qsw==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
933
x-xss-protection
0
x-amz-cf-pop
MUC50-P5
server
CloudFront
x-amz-server-side-encryption
AES256


13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag
object| dataLayer
function| __framer_onRewriteBreakpoints
function| c
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
function| __framer_importFromPackage
object| process
object| __framer_events
function| __send_framer_event
boolean| MotionIsMounted

2 Cookies

Domain/Path Name / Value
.hunt.io/ Name: _ga_CKJY21YJ7N
Value: GS1.1.1730307516.1.0.1730307516.0.0.0
.hunt.io/ Name: _ga
Value: GA1.1.1038820538.1730307517

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
