www.securityweek.com Open in urlscan Pro
2606:4700:20::ac43:61a9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Submission: On July 10 via api (July 10th 2023, 12:37:36 pm UTC) from IN — Scanned from DE

Summary HTTP 176 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 26 IPs in 2 countries across 19 domains to perform 176 HTTP transactions. The main IP is 2606:4700:20::ac43:61a9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.securityweek.com. The Cisco Umbrella rank of the primary domain is 315063.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 24th 2023. Valid for: a year.

This is the only time www.securityweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 83	2606:4700:20:... 2606:4700:20::ac43:61a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:853b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6811:cb35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
12	78.159.97.6 78.159.97.6	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
3	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:8ace	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:19c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:6cc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
7	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d5f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2600:9000:223... 2600:9000:223d:da00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
176	26

83 2606:4700:20::ac43:61a9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.securityweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:853b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:cb35 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.justuno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.justuno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aly.justuno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 78.159.97.6 (Sigmaringen, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com

ads.securityweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

securityweek.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9f680d97fa27aa6285466d0d84937ff2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ace (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6cc7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:223d:da00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
95	securityweek.com 1 redirects www.securityweek.com — Cisco Umbrella Rank: 315063 ads.securityweek.com — Cisco Umbrella Rank: 939676	2 MB
17	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 4757	470 KB
12	gstatic.com fonts.gstatic.com	192 KB
11	disqus.com securityweek.disqus.com disqus.com — Cisco Umbrella Rank: 1287 referrer.disqus.com — Cisco Umbrella Rank: 6882	109 KB
8	googlesyndication.com 9f680d97fa27aa6285466d0d84937ff2.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	41 KB
8	justuno.com cdn.justuno.com — Cisco Umbrella Rank: 30956 my.justuno.com — Cisco Umbrella Rank: 34809 aly.justuno.com — Cisco Umbrella Rank: 43257	60 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 433 fonts.googleapis.com — Cisco Umbrella Rank: 88	17 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2438	16 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216	166 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5002 forms.hscollectedforms.net — Cisco Umbrella Rank: 5136	26 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1623	303 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	171 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1174	14 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4527	983 B
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2542	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2425	21 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2680	1 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1196	12 KB
176	19

	Domain	Requested by
83	www.securityweek.com	1 redirects www.securityweek.com static.cloudflareinsights.com
17	c.disquscdn.com	disqus.com c.disquscdn.com
12	ads.securityweek.com	www.securityweek.com ads.securityweek.com
12	fonts.gstatic.com	fonts.googleapis.com
7	disqus.com	securityweek.disqus.com c.disquscdn.com
5	cdn.justuno.com	www.securityweek.com cdn.justuno.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.googleapis.com	www.securityweek.com client
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
3	securityweek.disqus.com	www.securityweek.com securityweek.disqus.com
3	securepubads.g.doubleclick.net	www.securityweek.com securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	my.justuno.com	cdn.justuno.com www.securityweek.com
2	www.googletagmanager.com	www.securityweek.com
2	static.cloudflareinsights.com	www.securityweek.com
1	aly.justuno.com	www.securityweek.com
1	referrer.disqus.com
1	forms.hsforms.com
1	track.hubspot.com
1	www.google.com	tpc.googlesyndication.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	9f680d97fa27aa6285466d0d84937ff2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	js.hs-scripts.com	www.securityweek.com
1	use.fontawesome.com	www.securityweek.com
1	ajax.googleapis.com	www.securityweek.com
176	29

This site contains links to these domains. Also see Links.

Domain
gateway.on24.com
www.securitysummits.com
www.icscybersecurityconference.com
www.facebook.com
twitter.com
www.linkedin.com
ads.securityweek.com
web.whatsapp.com
www.crowdstrike.com
www.bloomberg.com
content.fireeye.com
www.cisoforum.com
advertise.securityweek.com

Subject Issuer	Validity	Valid
www.securityweek.com Cloudflare Inc ECC CA-3	`2023-01-24` - `2024-01-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
justuno.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-06` - `2024-01-03`	6 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
a.disquscdn.com Amazon RSA 2048 M01	`2023-03-01` - `2023-10-29`	8 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Frame ID: E648E83643115138A2EE465D92345AB7
Requests: 134 HTTP requests in this frame

Frame: https://9f680d97fa27aa6285466d0d84937ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3F86686F08437D6B2AD0D736286C0010
Requests: 1 HTTP requests in this frame

Frame: https://cdn.justuno.com/store_4.1.html?v=5.72
Frame ID: FC479F7913C531A6D7AF54EAC0F71492
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
Frame ID: 185A39A87571F9089B05DE572D9CF2A4
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 39A62A458A362E2A60AEE3AB3FC8A4B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E6C676F219412F79D2D7ACA9491C0C20
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group
Frame ID: F4785B0FD24678A4F8A1B007D563418A
Requests: 16 HTTP requests in this frame

Frame: https://cdn.justuno.com/store_4.1.html?v=5.72
Frame ID: FD2C6B635B4F73CBF545C46858595477
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

North Korean Attacks on Banks Attributed to 'APT38' Group - SecurityWeek

Page URL History Show full URLs

https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group HTTP 301
https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

176
Requests

100 %
HTTPS

85 %
IPv6

19
Domains

29
Subdomains

26
IPs

2
Countries

2979 kB
Transfer

6655 kB
Size

15
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://gateway.on24.com/wcc/eh/1220486/securityweek-webcast-library
Title: Webcasts

Search URL Search Domain Scan URL

URL: https://www.securitysummits.com/
Title: Virtual Events

Search URL Search Domain Scan URL

URL: https://www.icscybersecurityconference.com/
Title: ICS Cybersecurity Conference

Search URL Search Domain Scan URL

URL: https://www.securitysummits.com/event/ciso-virtual-summit/
Title: CISO Forum

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SecurityWeekCom-366251913615/

Search URL Search Domain Scan URL

URL: https://twitter.com/securityweek

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/securityweek/

Search URL Search Domain Scan URL

URL: https://ads.securityweek.com/redirect.spark?MID=179018&plid=2118090&setID=593294&channelID=0&CID=775056&banID=521108512&PID=0&textadID=0&tc=1&adSize=970x250&mt=1688992651597796&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&hc=42780530d9c393dfe76793c58d50893ba2e30784&location=

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group%20https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-april-stardust-chollima/
Title: Stardust Chollima

Search URL Search Domain Scan URL

URL: https://www.bloomberg.com/news/articles/2018-05-29/mexico-foiled-a-110-million-bank-heist-then-kept-it-a-secret
Title: Bancomext

Search URL Search Domain Scan URL

URL: https://ads.securityweek.com/redirect.spark?MID=179018&plid=2118084&setID=605204&channelID=0&CID=775050&banID=521108503&PID=0&textadID=0&tc=1&adSize=300x250&mt=1688992651596163&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&hc=5ed671510816f35504e513c5a750e4a406c0cfa0&location=

Search URL Search Domain Scan URL

URL: https://content.fireeye.com/apt/rpt-apt38
Title: report on APT38

Search URL Search Domain Scan URL

URL: https://twitter.com/EduardKovacs

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/eduard-kovacs-7b796134/

Search URL Search Domain Scan URL

URL: https://www.securitysummits.com/event/threat-intelligence-summit/
Title: Virtual Event: Threat Detection and Incident Response Summit

Search URL Search Domain Scan URL

URL: https://www.cisoforum.com/
Title: CISO Forum

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups?mostPopular=&gid=3551517
Title: Cyber Weapon Discussion Group

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups/?gid=4439585
Title: Security Intelligence Group

Search URL Search Domain Scan URL

URL: https://advertise.securityweek.com/info
Title: Advertising

Search URL Search Domain Scan URL

URL: https://advertise.securityweek.com/events
Title: Event Sponsorships

Search URL Search Domain Scan URL

URL: https://advertise.securityweek.com/contact-securityweek
Title: Writing Opportunities

Search URL Search Domain Scan URL

URL: https://ads.securityweek.com/redirect.spark?MID=179018&plid=2114926&setID=479628&channelID=0&CID=773887&banID=521099255&PID=0&textadID=0&tc=1&adSize=640x480&mt=1688992651597005&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&hc=daac9843cf833e7f67d8dc8a5e5a31308f192c21&location=

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group HTTP 301
https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

176 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Redirect Chain

https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group
https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/

152 KB
30 KB

1016ms
1015ms

Document
text/html

2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: f5d7f5b78fee27753067d462ffc86f7d17d33d67f54354e86469067ba93d3903

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e48dbb8f9e24da4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 10 Jul 2023 12:37:30 GMT
last-modified: Mon, 23 Jan 2023 20:05:00 GMT
link: <https://www.securityweek.com/wp-json/>; rel="https://api.w.org/" <https://www.securityweek.com/wp-json/wp/v2/posts/16121>; rel="alternate"; type="application/json" <https://www.securityweek.com/?p=16121>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l84fqQfRySsQyKYZqZe8WjDFp78N%2BKuc9NUMysFs%2BXytzJzThm3oPtdJPYuMJFv%2FYH9MimYvhmVWPNpLVqm92Zj40WsWSttPSxRlSz2nACEQ%2FVvNQ6ZrFbKpJ6a4l1yiHVkQZgsxOWWNrEfW66MhyEKe"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: MISS
x-cache-group: normal
x-cacheable: SHORT
x-pingback: https://www.securityweek.com/xmlrpc.php
x-powered-by: WP Engine

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e48dbb4ccd64da4-FRA
content-type: text/html; charset=UTF-8
date: Mon, 10 Jul 2023 12:37:29 GMT
expires: Mon, 10 Jul 2023 13:37:28 GMT
last-modified: Mon, 23 Jan 2023 20:05:00 GMT
location: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKqaccVvpN5uKlEJOaSlq9HEaYgfOfRjAhppfe8u0FeTitC9fvUm58iDnsHbCXa9HMg4qMlu%2FCkFDhio68tHv6Wq%2BfjAWr9qun%2BtU4ZIEzvW4tijKM8yW05uz098hqYGANmHVGkN61yG0jaNb2DqsofH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cache: MISS
x-cache-group: normal
x-cacheable: non200
x-orig-cache-control: max-age=3600
x-pingback: https://www.securityweek.com/xmlrpc.php
x-powered-by: WP Engine
x-redirect-by: WordPress

GET
H3 200 uF-Ze7WAyjEpzP032WXyUupeXAE.js Show response
www.securityweek.com/cdn-cgi/apps/head/ 5 KB
2 KB 36ms
35ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/cdn-cgi/apps/head/uF-Ze7WAyjEpzP032WXyUupeXAE.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 794a3f88df27cdece064dcaa4ce73387648f766d52210b1b20cf2f50e974b8ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
x-amz-version-id: Id.3DPa.BYLi4zj2Rnk8_fem54OEk5yj
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 16:30:31 GMT
server: cloudflare
x-amz-request-id: 8DF4V5A6CNRNA3EH
age: 6452399
etag: W/"739c49d4a7bfbaabde79b20a6605c852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b1535e5-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ItMf5HZfTkv0aKMWGnTjSU6qoJyeqDcPElVnwN+ezobeY1Ob/g5oDtPnXLphdYY/aVQvwZTRe9I=

GET
H3 200 style.min.css
www.securityweek.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 39ms
36ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3478364
etag: W/"642d3aad-17ced"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWhKUO8yzCDdPy1KzoxOqesx6IkPeeIOY%2BrzE6%2FfEAhsa1KZ%2F3Vln%2F%2BWfitvb1nFLjsEBztPlT9zg1i7%2F%2BGysNEcXtTXK5HXQkvqQKR%2FTkGTly2n%2Fa8K8Vm4a7WbyNj7n3BxCdSK2JTKtResK1yApYzc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b1b35e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 classic-themes.min.css
www.securityweek.com/wp-includes/css/ 291 B
672 B 36ms
33ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3478364
etag: W/"642d3aad-123"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6p6GSSDm67yyrcYa9UCK2rjaviXuZH1fPX6bfk8QPSIQbmAwT3%2Fw5j%2FuXwrHuA7ldxiVxdeUbTBoh7kZkm0wtW0QVqhSfMA70vvvktc2H9HAuFI1Pt3my8IesdUGCXqLGh7VOQENxuEaZr4xXGwKFkOZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b1c35e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 chartsofday.css
www.securityweek.com/wp-content/plugins/securityweek-chartoftheday/css/ 308 B
668 B 84ms
80ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/securityweek-chartoftheday/css/chartsofday.css?ver=1.0.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d7c24cb3877d3352b2f3f29ad6e2aee0418556546acaf0dd5c9bcda16f55e0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762693
cf-polished: origSize=452
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-1c4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yGKJaqqJDnbWVvBuPHsmNrwOjzbrQciMsaQ9hR1DkjG8zeQbEXNgvbW1G%2FhMsaq2fRZPH4k4pute%2Bfub2mTpPaL0Cjyw%2BvFfe3FMckTBTioNFH%2BfX8p2hC7hwBD72iD2ndg%2Fo87"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b1e35e5-FRA

GET
H3 200 security-week.css
www.securityweek.com/wp-content/plugins/securityweek/assets/css/ 1019 B
896 B 78ms
74ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/securityweek/assets/css/security-week.css?ver=1.3.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24ca94366d2777c45544e38e8592d63ee8fcc89b406bc3fe717a514512508a85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762693
cf-polished: origSize=1077
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-435"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sTSF3MaWert%2BVR3FaaWX8pQlbEUaM0hgad3D6Q6lPrgmD4iI%2BTXtGyDrnrwykERB5z3pxlZhnnQBzRu9wmOQ0Vc73UQNznU9xMro5OlVVHdaooIm6ZelAR9%2FJ3VC8akeTSa0ri6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b1f35e5-FRA

GET
H3 200 font-theme.css
www.securityweek.com/wp-content/plugins/theia-post-slider/css/ 2 KB
1 KB 78ms
75ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/css/font-theme.css?ver=1.15.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d5bf3f8dc9d9dcd608393de3bd8afbeedd5077039b595aaba4529064dbcbe89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762693
cf-polished: origSize=3030
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:27 GMT
server: cloudflare
etag: W/"63cf858f-bd6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlHfAOF6M4jN1tMlG%2BtgmJe4A1I7MuZk9J0G4MkmRCcFHG1yqQzS5y8U6VItAJxUJT8%2BBQX2PS3bx3oBDXvwP7MIOZZIN%2Fc9lKzZzPMkpJKnUHHT725ycCyyq7Os0%2FBw%2FLtgpCP4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b2235e5-FRA

GET
H3 200 style.css
www.securityweek.com/wp-content/plugins/theia-post-slider/fonts/ 4 KB
1 KB 37ms
34ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/fonts/style.css?ver=1.15.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67e380395b14a5ac48faabd1838b4e6fd75b01682364f987dc8948975838837c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762693
cf-polished: origSize=4566
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-11d6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxvzDjP9OTxhZBvcNbqH415s%2BmO0rFV1d%2BaZfwJIU8H9sKIbN9yR%2FMukN5xnlKT6jpkMve9xYldhDKNV7G9YWHqJdbtaOkEicq%2FVRsA39uuZ6%2Fxv1Whj%2BsEDtkFn5IsitiMM5Q%2BS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b2335e5-FRA

GET
H3 200 dashicons.min.css
www.securityweek.com/wp-includes/css/ 58 KB
35 KB 58ms
55ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/css/dashicons.min.css?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3478364
etag: W/"63cf8582-e688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nG9zAag5aU8Eu08vDX%2FQvLLxTYlhH%2B8b03nZ2S2ZKiJchyH4GZLWG3kLaQLijq9bll4yefsZyMb2lWWzqHLiV12W3xfHnNb20%2BDdyZIT7MPxSqvzKkBRu65IiDsIYF%2B3TgqjGtdu4mXhSpe4DQMQnkv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b2535e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-ui-dialog.min.css
www.securityweek.com/wp-includes/css/ 4 KB
2 KB 86ms
83ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/css/jquery-ui-dialog.min.css?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 643e504c5417068283c7ba2a2e348b0f6c12da9e7b328470424453466d69efa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3478364
etag: W/"63cf8582-11c4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3oyBcRDrP8yGez1I8CEfF36%2FByZZFzwKZrgVro8XlV8Jz5LW%2FMjsWNLZL0TRuMUE07A%2FB4KL4ltUEj5Z6aptkZwvtQkuff43iskaSd6Ja%2F6gqxfH91dLlAaR0b4F01%2FNBRRBeO7OIhaPQ8p%2BwvWbu2v"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b2735e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 phone-picker.css
www.securityweek.com/wp-content/plugins/wp-2fa-premium/extensions/authy/assets/css/ 19 KB
3 KB 83ms
80ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/wp-2fa-premium/extensions/authy/assets/css/phone-picker.css?ver=2.3.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91bbc128851e65442a70a7e12e55068d75d7e9b0514c5c9cb7c15fe770cf8899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762693
cf-polished: origSize=27551
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:20 GMT
server: cloudflare
etag: W/"63cf8588-6b9f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gDWSl%2BZf3AxnHDgXZMX9BNCzkq48cq4PXpNq8iMh9oYoHCK1%2FgFMraDxEPP54IDbnOhaF9EVzJIidfFxJx37HaE5VTsRMlinx9%2BjunB6KkoZ2bU3FLDvhxuR%2F4vA2hEg3niPBPv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b2935e5-FRA

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 36 KB
9 KB 79ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css?ver=6.2.2

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 20:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8422
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jul 2024 20:32:46 GMT

GET
H3 200 photoswipe.css
www.securityweek.com/wp-content/plugins/reviewer/public/assets/css/ 10 KB
3 KB 84ms
81ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/css/photoswipe.css?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee5d15d9b1f5bfa5869678f288b9e829239f719ec5cb4ff8345979eb9001870c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6502283
cf-polished: origSize=10017
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-2721"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z0a6jfymRf%2Fgh2zy4sMMhQvNVxrShd5JvTbp3SLU0ydv3xC5F8iDRzPf%2FZf6tWR5VXgCmLr%2BMBM9wWzO14VG92BktH7UyeyANwAXDI9aFgm%2FUuYLJorP5qYxqrYriHI7MyZxGXp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b2a35e5-FRA

GET
H3 200 reviewer-public.css
www.securityweek.com/wp-content/plugins/reviewer/public/assets/css/ 133 KB
13 KB 81ms
77ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/css/reviewer-public.css?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6a6ecd56ebd86c4bf8099f38d4acebb360dce6b8ed3b8beebf34e9845510033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762693
cf-polished: origSize=135802
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:26 GMT
server: cloudflare
etag: W/"63cf858e-2127a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qY7s%2FUjaSAZqIJsTt9%2FUt%2FQcCCrhSvA6jQrO3SBgeNoxwA5neRS0f%2FEXaKuU8gaqX3WjuckPufTzxPedf2NLpklYNAeOAL2y4IMQBMk45CtDtmnHqjVjqwAs%2BJOSZfVQbmK5DvQ4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b2b35e5-FRA

GET
H3 200 wpp.css
www.securityweek.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 438 B
728 B 95ms
92ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.1.3
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1228876
cf-polished: origSize=1672
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 26 Jun 2023 07:11:03 GMT
server: cloudflare
etag: W/"64993a07-688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ThQ3WLm%2Bgw%2F9KMcIdtJqkiYMvHBp1ML1eLmgQeDiFpHu9oiJTjoS1qDenVOhA6dgIYgRQXA2OLQyLigRNY9ORKSiwpV7TyJ5iqyOP4r685U3nCLmWHFijZ7EZCgm0RdfnaHJClS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b2c35e5-FRA

GET
H3 200 style.css
www.securityweek.com/wp-content/themes/zoxpress/ 147 KB
26 KB 96ms
93ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/style.css?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0803977e647dbdb41c98b4318386f697591604f184a59fcafec52ffba1f6bdef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3478364
cf-polished: origSize=184235
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: W/"63cf8587-2cfab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGmNRtfh7ft6BEUn%2BeiO0ERhgfPVH7PKS%2BFAADuSDRrW3kLGbVmJWu1hBwjLbjyh3XLjlrXrT6IFsI3mHkpWBk%2FA6DtHfMDFh2RVN3JSuZonzlEwdLsIdT%2FApE4fMIAoVAEEwYytXJW4Ie5Oh7m%2FmzK5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b2f35e5-FRA

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
12 KB 86ms
31ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 901X9F20M0K3ZYG0
age: 1753096
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fO0E/vNhoMymUDvlmvRu/ejcnjH1O7LSzMuwCgIYfnawfujeYpSY33ELA0j2jdNA2OGmcmVBoy8=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TStpuIVvAcXrVKVjpAYBeRpramcPYTisZ2L5PveNH%2B%2BUJuFT1sZjm%2FBljz%2B2ZpEpYcxo6kKA6btUOjRNcPkRO3aiPE4TzFxpzQL8khpWQpbRtdxXMR3MleJY6hStgR9bRvrZNNFgwZBr2NRMHJxIaR2V"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7e48dbbfb94d0404-FRA

GET
H3 200 style.css
www.securityweek.com/wp-content/themes/zoxpress-child/ 20 KB
5 KB 97ms
93ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/style.css?ver=1.0.24
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a018ab767f279fb68391322c42eacc40517f6a8daa29fedeb4e6b44848917a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3978358
cf-polished: origSize=24253
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 May 2023 11:27:02 GMT
server: cloudflare
etag: W/"646f4606-5ebd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTqSz8%2FdoUUikNPvb%2BC3jD8oXHcMq3959elk%2BAacu%2Fv5%2FDyhq08K1bz3L8kBObqpYzEVUmvdyHP5sYynSKpaz%2F5Fz3%2BFUl76poNNLdaq3GBh7J2X1CUG4DiSe3oSa6i4jXA4bpcB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b3035e5-FRA

GET
H3 200 all.css
www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/ 58 KB
13 KB 54ms
51ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 989934f975edb65dc96fce979cc86bf8d5a9453e6113df99622609381ce175d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3478364
cf-polished: origSize=73577
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: W/"63cf8587-11f69"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xsgKONmKOtlYDyVbrSiOp04RR7CndjEtvyGXGcfKL9YEvnUjvL9y9C%2BGHpfEHUr%2Fihr7KGYxB0xn7N%2BEg3urESkxx4D2Rb5PRytIk6YLX%2Fyw23WjIQKMZQqYHZg1mNEAXNhBo8kdokKi%2BdgMnym%2B4t2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b3235e5-FRA

GET
H2 200 css
fonts.googleapis.com/ 171 KB
6 KB 89ms
33ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CTitillium+Web%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CBarlow+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ba408a4d3b64cb9dbc33e42c3123e4be5d34297a2320933eac392a9e102825c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 12:34:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jul 2023 12:37:30 GMT

GET
H3 200 media-queries.css
www.securityweek.com/wp-content/themes/zoxpress/css/ 139 KB
12 KB 97ms
94ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/css/media-queries.css?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec99dd07af5b4a5e3b072e941d355bdbfa1db688555cd4100ab61caa2b0bc25d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3478364
cf-polished: origSize=180354
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: W/"63cf8587-2c082"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlnsxRBXvHAQCYv7MABgBOV%2FE6EiovhL%2BP7mTNQvkbssIR6Qhi1lkQDSdWpFoQIqT2g5oK77jE6ccBBBYhCFx%2BdnrVzqdFefZhxzT%2BIF4QRALgLpCW4B8USyjDzVBpiADfJt%2BOqU%2FTyz6JvH3tdgjeSF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b3435e5-FRA

GET
H3 200 pum-site-styles.css
www.securityweek.com/wp-content/uploads/pum/ 15 KB
4 KB 98ms
95ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/uploads/pum/pum-site-styles.css?generated=1686771112&ver=1.18.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 558cc235d4a597a8ec28daee4279486fdd17bc7431b2e15e4634fec0117860c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2219129
cf-polished: origSize=17639
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 14 Jun 2023 19:31:52 GMT
server: cloudflare
etag: W/"648a15a8-44e7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqzujesGf1jiEuLZWb86gRNVqGsgNo0P9wNhN9Hrsv%2FwLkWUmZs7FGgc9ArtV0xRrhMim%2Bouy3rI5aNLdQd8Kvp2qsc1x6AXxUs6o%2FfAX9J8BazLNYPYAO%2FFK2Q3p0132mDpdGaA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbbf5b3535e5-FRA

GET
H3 200 SecurityWeek-Small-Dark.png
www.securityweek.com/wp-content/uploads/2022/04/ 10 KB
10 KB 46ms
43ms Image
image/png 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/04/SecurityWeek-Small-Dark.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbf7c9bddb9ee180560fa0a36e9d0713aeb6357dd8f79ee9ab31bb9246655136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762692
cf-polished: origSize=13020
alt-svc: h3=":443"; ma=86400
content-length: 10019
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-32dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiyR3v%2BAkgiGNUj0UlMZhPM%2Fg3I8oQsx%2FNvBu7%2FAMAXBkHk%2FT1q6ac9fEtYLoAkz8fsM7EC81doBwGHv1QXYZEdqCx4p7B04sc1WLMA7UjMNWb0jz0PdnpZB9lnapvMIvcKbDf1N"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbbfbbc135e5-FRA

GET
H3 200 SecurityWeek_Dark_News.png
www.securityweek.com/wp-content/uploads/2022/01/ 22 KB
22 KB 42ms
39ms Image
image/png 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/01/SecurityWeek_Dark_News.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22bb1253ebf8405c69bdf9d628ab472e02e1f6a06d3eb07bd171494f6c3b6aea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762692
cf-polished: origSize=30005
alt-svc: h3=":443"; ma=86400
content-length: 22149
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-7535"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVYcty6mTFGEOT%2Bu5%2FCBoYC7e9ORoq181CKDqOEgqa5d8I2IA5aKSudanHnfQSIYHfjQcdNXnpgk0VLERzyME%2BkJVg1MHD9E0bhHDH2s4cOf9DCgHQVU4LVeL1YJZvY0DWSUVcui"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbbfbbc235e5-FRA

GET
H3 200 SecurityWeek_Dark-Small.png
www.securityweek.com/wp-content/uploads/2022/01/ 10 KB
10 KB 42ms
39ms Image
image/png 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/01/SecurityWeek_Dark-Small.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbf7c9bddb9ee180560fa0a36e9d0713aeb6357dd8f79ee9ab31bb9246655136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6502157
cf-polished: origSize=13020
alt-svc: h3=":443"; ma=86400
content-length: 10019
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-32dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhe2CT6EVTz%2B1eyp8dC3vS1ID4c1RPXM76%2FbBU9cwz%2BMevzFjQBsX%2Bpisqv78iqhhGKgdKhP%2FqKqk4%2BSgY4vLU6u7o1e9MHGaOu7wsK6G4lsEjLrH6VhUMmppzq0lHKJfeFr%2FcsC3ZC9KLc%2FALDPcW2G"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbbfbbc535e5-FRA

GET
H3 200 APT38_targets.png
www.securityweek.com/sites/default/files/images/ 279 KB
280 KB 903ms
900ms Image
image/png 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/default/files/images/APT38_targets.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e592c6b2e3819e7031fe3de8cc419d76860debb304aacc26c5c8f44c23c7f990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Jan 2023 07:15:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63cf8598-45d88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asdBs5ETTx4n%2BLrmAseyiw%2B2SWtvyTeIN6LsyX5eDnHUXlDtN6jYyTSBqToGiyTZvRpNqVXu%2FR5g7ywmQR1EU95LdaS7JEw%2BC4ogIopTyxfG08gnMSXLWWBPYTI39ZVRlYpDhpLAPOjMII%2FzTSdRG2xm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbbfbbc735e5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 286088

GET
H3 200 email-decode.min.js Show response
www.securityweek.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
835 B 41ms
38ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.securityweek.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 15:21:35 GMT
server: cloudflare
etag: W/"64a438ff-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7e48dbbfbbbf35e5-FRA
expires: Wed, 12 Jul 2023 12:37:30 GMT

GET
H3 200 SecurityWeek-Small-Dark@2x.png
www.securityweek.com/wp-content/uploads/2022/04/ 22 KB
22 KB 56ms
53ms Image
image/png 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/04/SecurityWeek-Small-Dark@2x.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22bb1253ebf8405c69bdf9d628ab472e02e1f6a06d3eb07bd171494f6c3b6aea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762692
cf-polished: origSize=30005
alt-svc: h3=":443"; ma=86400
content-length: 22149
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-7535"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vx%2BA5Zp5tw68llnwPW20clu%2BBCxzfEO1cmtvSCFFPqYBPUGR%2BRBWweeA%2F8jIXz4%2FKkEKTSwNlAhtaISKvnyQRL5dF28pIpOxDjdJr1%2BZiiDIOTAvzABV5mVpOt8gsnzPeK43bwVg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbbfbbc835e5-FRA

GET
H3 200 rocket-loader.min.js Show response
www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 56ms
54ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 15:21:35 GMT
server: cloudflare
etag: W/"64a438ff-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7e48dbbfbbca35e5-FRA
expires: Wed, 12 Jul 2023 12:37:30 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 106ms
56ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.securityweek.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7e48dbc00ed06933-FRA

GET
H3 200 gTSU7w8TKow-r0zxLGZWiDD2jUk.js Show response
www.securityweek.com/cdn-cgi/apps/body/ 970 B
842 B 56ms
54ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/cdn-cgi/apps/body/gTSU7w8TKow-r0zxLGZWiDD2jUk.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/apps/head/uF-Ze7WAyjEpzP032WXyUupeXAE.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e504e9f649813734dd00f332c49ad8a7b96929b4ee751f8b69c87599c98d23dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
x-amz-version-id: tNf5oRoDTPzXxeaDfZtDqkmajaCc93wv
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 16:30:30 GMT
server: cloudflare
x-amz-request-id: SZXABA7GTS4BN581
age: 13762693
etag: W/"869fcc0499df4fef1fa9d1cd8e1d641e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7e48dbbfbbcd35e5-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: TAl7d4XRhPKOyfrbPGPYmLFXFaiUnBI0z2AZqqBoVcFwH0frcxq7++xxfPt66Y43J136E5ElSzI=

GET
H3 200 css
fonts.googleapis.com/ 2 KB
559 B 76ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/uploads/pum/pum-site-styles.css?generated=1686771112&ver=1.18.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a51a6d6bd79870b6abd5772686659f2b8ecd22cdb0a6ceda0e87295ac284414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:46:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jul 2023 12:37:30 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 19 KB
7 KB 105ms
64ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7e48dbc0d94139ec-FRA

GET
H3 200 mobile-detect.min.js Show response
www.securityweek.com/wp-content/plugins/popup-maker/assets/js/vendor/ 38 KB
17 KB 34ms
33ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/popup-maker/assets/js/vendor/mobile-detect.min.js?ver=1.3.3
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Jun 2023 19:12:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2219127
etag: W/"648a1127-981e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gINu2bOGz06DIES17n7iCMLnG7onWvWMcyzjKke4OQevLZ5s3hBjcN0txp6L083iiMBFrnSmoczlqwx0FKAgvzzxc1P7Ml5UmpJJK%2BDzgXZPblAUGx2GYWuKFGZEWTcz4JBsnWPr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cc835e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 pum-site-scripts.js Show response
www.securityweek.com/wp-content/uploads/pum/ 68 KB
18 KB 44ms
42ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1686771112&ver=1.18.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c09f40aa9ac3105f86ea363d58ad2a81f5d5741b810786a1a6291e7dd9d43ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2219127
cf-polished: origSize=69803
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 14 Jun 2023 19:31:52 GMT
server: cloudflare
etag: W/"648a15a8-110ab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rjcou%2B9tWZjWwK9yxBOxcwNGJTbbQXadB9E7O%2FBHHmbZwijZ10sIqPSruRBL5Ll9Go5J71OwvLo%2BDCy%2FlPHwhwf%2BL0Vm3K1uZguohHyTCyTaxuC0ycsm7fe3OtVzn8UrpS9ah71"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09ccf35e5-FRA

GET
H3 200 lozad.min.js Show response
www.securityweek.com/wp-content/themes/zoxpress/js/ 3 KB
2 KB 43ms
41ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/js/lozad.min.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6502155
etag: W/"63cf8587-c17"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUZ9q3wvQSNXIQY4z1LHUGLEQ5Hui5fqNXz%2FjpnhKBta1fs0yYlt5NMmVlyuf04zk%2B5SDBi2duGtLDt8B4Pa7G2dvj%2BFaotTsXglqvW%2Bd%2BaSn6A9JDD7zko5cjBb830aknG789fCBq6%2FEBvrQWPH3yTM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cd235e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 intersection-observer.js Show response
www.securityweek.com/wp-content/themes/zoxpress/js/ 10 KB
3 KB 44ms
42ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/js/intersection-observer.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e71d11284fe33d09fe11d031d1517b0383750bc5dba2faf77e87f42a609a1b68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6455689
cf-polished: origSize=22304
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: W/"63cf8587-5720"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pit7D7y0pLOUbCkxcsPGUkeaRCOnLYhPk5BWTWGbPWAUZuRZPQFZTroyOkDN2PKZp1utKmzIVIC1rthCV8Z%2F24Ar8US9wUp04j1gVraKZS2Tx21t3oYe%2FUulBJstOFlyb1KBYEzUoSVGOHieGS33u%2F0j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cd535e5-FRA

GET
H3 200 comment-reply.min.js Show response
www.securityweek.com/wp-includes/js/ 3 KB
2 KB 36ms
34ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/comment-reply.min.js?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3478363
etag: W/"63cf8581-ba5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4LeuQb5hjAZNYJ2tq3%2Fx5gNq0G5uCuF9VoY996WEzpGz%2FxYUgEAwL%2Fr7hpVuQpzl%2FbBf51uJ7AESUtnFBndrf02FVYMasYPIxLo7jkOAu4%2FWYR4QlF1vGHvNYKizdxOlf9xJ2e5RHSgyOPIxSafylqZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cd735e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.infinitescroll.min.js Show response
www.securityweek.com/wp-content/themes/zoxpress/js/ 21 KB
12 KB 36ms
34ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/js/jquery.infinitescroll.min.js?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3478363
etag: W/"63cf8587-54c9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3mkmBrI6UuqhH6ahSfN4KMzQrTOskiSvwY5JrMxpVzAZSXkC3fTMtfNAl8rSX8jwcMim3iPbnJ%2Frpo37M41WlxK0idxM%2F9VHTIs1sXTs94H6AipCA0Zz1ST7pJbtwx3UUrsUSAW9iEciEaskcflDf6L"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cd835e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 retina.js Show response
www.securityweek.com/wp-content/themes/zoxpress/js/ 2 KB
1 KB 37ms
34ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/js/retina.js?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6d935c5494a7d6121e463f319ac4882f805d38989d6dac70ec84a29a203d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3478363
cf-polished: origSize=3104
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: W/"63cf8587-c20"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aN5wqa59%2FGAEzr%2BAFcxDsdWMZlMx758a4w5mzysENkpv7baPlqBzrdJqx4eLmrfewKw5BsxwG3yU%2BoZmr7efIRmk7qay5s1AOtUc%2B6pYMZJudrUwPxAhKZk%2BMUO3R5yheQcLDoh1HDjvfA42furkItqU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cda35e5-FRA

GET
H3 200 scripts.js Show response
www.securityweek.com/wp-content/themes/zoxpress/js/ 73 KB
19 KB 74ms
71ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/js/scripts.js?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37f724a365094e5859ef50dba7afe3764412c6cc9931a8abd7d9dc85751fd881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3478363
cf-polished: origSize=113963
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: W/"63cf8587-1bd2b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhDne%2F%2FfvccoPdxlmRlDMzlhfTOdlFUAw7ePZ7qfBOh6cQAUGRGBPtjRSgFs1ObZCL24fg47Ojl%2B8Dvy%2BhiYT1VaQRv8NgjKuM3WNzdfoiB7ZbUHUuqlnrOsGWUQl98NdO7iIHM1jLoBm05G7DWw%2F4Wn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cde35e5-FRA

GET
H3 200 zoxcustom.js Show response
www.securityweek.com/wp-content/themes/zoxpress/js/ 0
459 B 72ms
67ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress/js/zoxcustom.js?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3478363
alt-svc: h3=":443"; ma=86400
content-length: 0
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: "63cf8587-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40PjTaaJy48P3v4rdYaZDbM8Rnwu1AqSyvgGE4f41jPC6NvR64sl5bUf1yVgbAxorraJtw7C1%2FjOpw6Cm%2FGyxR2fbvAwcktaGO%2FzivvkPGkKDjO2KjAJX9LFTa6K2R1Prs0Uu84YwioFWgLlpyTEe%2Bl8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbc09cdf35e5-FRA

GET
H3 200 reviewer-widget-users-reviews.js Show response
www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/ 90 KB
33 KB 66ms
61ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/reviewer-widget-users-reviews.js?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a9929c39f7b0020a343a7cd3685ae547fba1f21596f7982ed2c1ded802be03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6502155
cf-polished: origSize=92382
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:26 GMT
server: cloudflare
etag: W/"63cf858e-168de"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0Wp8b%2Bux9yYWVpCJVyILp5XdywrsKURBcLbKG1a7c4E8BQ3yQ1tFmPVA0KDwRmjFQPHPl4SzTe%2FM3lXhR0YGS3mBZ75qBz8orix0QOH%2B5%2Fu2cD6XPi%2Fxh2o573pXbXXKoX0tgHLKH7xYrVR8MrcMSwH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09ce235e5-FRA

GET
H3 200 reviewer-reviews-boxes.js Show response
www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/ 131 KB
44 KB 47ms
41ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/reviewer-reviews-boxes.js?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b1517dc148ec4fdcceacae881103ffa7e54e74c32c7dcde5cdc9826ea735de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6500211
cf-polished: origSize=134499
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:26 GMT
server: cloudflare
etag: W/"63cf858e-20d63"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDN0peTwAJAXRDAzoAFKnOOGWn%2FBmqojXEc6%2F5zWNDS%2B0diXU9Q3gcNQoWq9vSo3K5SsBlBd1Gr8ivVA2i5XDjzNTFOIKs4H3FbPzpViV%2FWGv3D2pKYeMnuJc3VfvpyfSKZTpSWP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09ce735e5-FRA

GET
H3 200 reviewer.public.min.js Show response
www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/ 4 KB
2 KB 64ms
58ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/reviewer.public.min.js?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cd14927179cd88891fae3057a4ce4a7cf499af73f65c3b2e83f32e1598c0288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13762689
etag: W/"63cf858d-e80"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSH0eEtAjQftiJObYGCd%2FMEOyRPWMUE0Oy8N%2BoFzcmvwjOcWqyH4f88RWpKSQS79v85kjAxaHPn7Rtl0KccA9ptIiB12evoWWab%2FVdIxNuRiqJJO6Yzb1F6OkGXcS48ecZCs7z2f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09ce835e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.knob.js Show response
www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/ 11 KB
4 KB 39ms
33ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/jquery.knob.js?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83f279ffab2866365df78e9244339e46d7752b13e43db75ca5200f9a0ec07e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762689
cf-polished: origSize=24920
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-6158"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UffONKg8Z0uw8XsfE4pgTul%2Feh9D6revuvnLrxWc4TdwbCSxfA%2F80HT2Co3Izh5lyEOzceDM9KJ4igbMehNzPZChVeIjF1Q%2BpAZtyfeGprFLDtUP6pGcV2HqoWx2tUXFvxFjnXDn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09ce935e5-FRA

GET
H3 200 photoswipe.js Show response
www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/ 40 KB
16 KB 52ms
46ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/photoswipe.js?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf01342c724e6c0d84e911d3451b078576a3208c7300378ef80138089e6d79e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762689
cf-polished: origSize=41387
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-a1ab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5%2FJ7dcLoxlO3dm2H5bCMDCZRP49nKMuNQNeN8qeVojxgOJfWva%2BKRbyMVhvHWMTpQDySOzdPtfaqQPHu8YAF54jCAe9YMdx1Lg7JFzGCiu9kRw%2FVuxXUY7DPdCJqZDEWvPc1RmV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cea35e5-FRA

GET
H3 200 jquery.nouislider.all.min.js Show response
www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/ 18 KB
7 KB 45ms
39ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/reviewer/public/assets/js/jquery.nouislider.all.min.js?ver=3.14.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbf94e5438333ae008e9b742cf1dd74dd310f7385ebe6f9ef4fdc82976de34a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13762689
etag: W/"63cf858d-466e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7DMl2Xgnzm%2FxRl1ickVdcJdpsbYsMWW95wsScB8YdY763bCgiqb2bz9A9ZbtZi74L%2B375%2BOhIxBu5nNfoKHV2enJ4HTxOSbRn3HDv5UrsHBid9jKbzqtINs2ydjMmUN%2BraAQSSZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09ceb35e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.waypoints.min.js Show response
www.securityweek.com/wp-content/plugins/zoxpress-plugin//scripts/ 10 KB
4 KB 40ms
34ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/zoxpress-plugin//scripts/jquery.waypoints.min.js?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3478363
etag: W/"63cf8587-28ee"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7OnTe73SfV1CNyotE6i0%2BRQT8%2B1CeFPxNgXyfLap6jFSjdeglzOsGHYKgs6bHlwtWmNOlqVa7wAK8p8A0%2BtfqWw24vWiQ7BMQsoo0cf57jOPHYa6CHEUzc%2Bzo%2B2F59CfRei5t%2FhOJugKkHf7vGBtU%2Fn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09ced35e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.sticky-kit.min.js Show response
www.securityweek.com/wp-content/plugins/zoxpress-plugin//scripts/ 3 KB
2 KB 64ms
59ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/zoxpress-plugin//scripts/jquery.sticky-kit.min.js?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3478363
etag: W/"63cf8587-aee"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzcYJpof%2BfzZNdNfKvbrjHGiI0fKDD600rgICYqOKusXe6B9VwE2fma8mukfEpZe0ar7rAZy0NCWhN778PurdZKqwvo7e%2FZ8VBuTiahDUtWPtRf90nYEtCyPa58M%2FoFRJPBv%2FLrMCZp2jCFKaNxdx78u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cee35e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 authy.js Show response
www.securityweek.com/wp-content/plugins/wp-2fa-premium/extensions/authy/assets/js/ 6 KB
3 KB 66ms
60ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/wp-2fa-premium/extensions/authy/assets/js/authy.js?ver=2.3.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7b4f4c6aced0be2cc9004285b53f58cf62f74012a321e86938f12719fe1113a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762688
cf-polished: origSize=8883
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:20 GMT
server: cloudflare
etag: W/"63cf8588-22b3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6gTAMnUJ9k8vPUnE7bZ%2FNuuiABAXMEQ0UVMlJb94oCWeBpfHThS02K640YHmtA9DnQR%2BqS3ivzR9UL6jGAGHJFr3lzr5wjrKgr7i5JKMIS5j0a09uNwIoUBxI9mngk%2BrVxz5gnk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cef35e5-FRA

GET
H3 200 intlTelInput-jquery.js Show response
www.securityweek.com/wp-content/plugins/wp-2fa-premium/extensions/authy/assets/js/ 42 KB
14 KB 46ms
40ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/wp-2fa-premium/extensions/authy/assets/js/intlTelInput-jquery.js?ver=2.3.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e423a106197def7cbfe1ae2142caf48a39478ddfd3e4e81b7cb033db5bea3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6502155
cf-polished: origSize=85819
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:20 GMT
server: cloudflare
etag: W/"63cf8588-14f3b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzwLek%2FPFe4pF8l4otCSQoGSX%2BiP32WR4NQizR%2FKI%2BFOYCoaWq7WuHp1HvwAw6dOLvHmIb6IKy4vm5mIn6CK3Bermzj6OkG65YAaJVyMExGqj%2FJ7VLATFp9bj34H8kQ%2FS4%2FaNGB7agPnBIbPnwEWmUtH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cf035e5-FRA

GET
H3 200 dialog.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 13 KB
4 KB 43ms
37ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4bddb9535f5e3fe9e500616b2f1e4b10e1a5930a197848966a7c316838570a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6502155
etag: W/"642d3aad-329d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lmltw0vHV8MC%2FtB3IZlY803gERS%2BGw3IkkVffH0bEkJrFbYc8PGwCB05XGpzLLYSs8eQtRx9gP3uP7brWB3Cc635RLHIm8h2yHiMbIb41q5le8xeyVHnaypLVhsDshaoJHo%2BlCUUPM8ZDYeM%2BxD8a89c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cf135e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 button.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 6 KB
2 KB 42ms
36ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/button.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2793a7736c4421efb5ec1f639c9b19a081a6b7a91097d4459149fab67c47b9ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13762688
etag: W/"63cf8581-17fa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYtaem7isB1w4jHfTtgIU8dToZI7GwND9xbtLQhszU01ir7jfT9z4Gg3qQ5AjnW6rYn6vNamUamfc0OBbHMlQVeUsKKFrQhQsgw1SQIPTKigrIJ7kCFm8xH3KEa%2Bu1oRGPJ9jY9I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cf235e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 checkboxradio.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 46ms
41ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2f925db6119917230e885b016055a6a324d33b10585d5c7f106665ec157754e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13762688
etag: W/"63cf8581-10d5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbIL1RE8MbHa1n%2FCpTPZwIIBJ%2BpuM4biNVGVCF8kKNcyOmc7Tzuc6pOmv6usRTouKKH5MWpChDn%2F3H6svYTcCDH7Ap%2FkR4eNpiZsTAO3Pym1lY9R5EVVM4SY5TrqkF3ewdevVsSI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cf335e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 controlgroup.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 74ms
69ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da343c70bf28bee6a1a9238dd5147b190b675a523e525e9a52b2bd9aaf48e4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1491809
etag: W/"63cf8581-1126"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnopLNyVstXedGj975KhGkWsKkcX13EFnFr3sU6SRiEWDUpcWmw5rUVXrwTEu2xv4AxZW8KhvnTK65FwI6zXs7MjLcTv54%2BBM3PoorbzUIFLQjrrlAn1801UfiPxK%2BWFOc%2BVxki4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cf435e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 draggable.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 18 KB
5 KB 72ms
67ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cea32499cc55e5232ec287c438644afef28297f4248958ee32906dd34ae5f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13762686
etag: W/"63cf8581-4794"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipN3qjdYXbTMil2mIeMH2dSy1WPUrSF0QekVPVDNj4MfRkPZBn3ZUNB1X4JiN7dxWXMeLy2msdQsVXLaee17d1vvWDr0EoihHdAN24%2F8HZ5ds5mBcJza1HWG98Fx7BxmCfNMw3y8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cf535e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 resizable.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 18 KB
6 KB 44ms
39ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 706e4d8669d29a9e13cfb13a59b6c1341ec80a08c9c10eaa465756366006f327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13762686
etag: W/"63cf8581-4911"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52zFx3jemjc05THCHTnQ9j5eS2i8JKdbSDbDNjhRVBMyeN9yauP2IzQAJJ1X4QCuWiNEYLjkiD7UghhOgNwYwwA1Kw3rLNkw8mcggrG4LHlg85MWceIzO5RkP21e2K%2B8JWOAq%2F0c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cf635e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 mouse.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 3 KB
2 KB 65ms
60ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6502155
etag: W/"63cf8581-d4a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTVTRe%2BHhUGBCaCVfuG3ujDQo023zOz9HD3WwmxwKx6r%2F3luGt20iGN6pROMIYJgDOSu8kHZUYwufX5zLMeu4N4gmfJJEib5A0DAdffG3DOAW38B%2B1BWpiewFvKzb3pcs%2ByXdjeHNrB4TE4y9ylDRslJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cf735e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 core.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ui/ 21 KB
8 KB 66ms
61ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13762686
etag: W/"63cf8581-53c0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntW6%2B3vwiDlvg9niQoh%2FiXhKS%2FE2skWpWWxOVjo0TyZkG4OTmt%2Bo%2FCuo5T7p28nAEtkx1RssbkyNIpuPCbTzHPXdAudzoEvKEKsVBwkE0k4bquftoMxfWXzbrPoCEkDWKyLOw72Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cfa35e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.js Show response
www.securityweek.com/wp-content/plugins/theia-sticky-sidebar/js/ 341 B
676 B 66ms
61ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7c860a1505343bc4dc80a473bfe23f625da447d71af4db67b529065295d5171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762685
cf-polished: origSize=435
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-1b3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQo29dD5B37F6rUE6HrGqkiB%2BNcwDmbsy1pE8Wu6NV3v8zpZXEDMlyoNB2m20UqBlECVWJzu0Sl2%2F3%2BogUraHejKxXbRD9d8Uc%2BoGJvU74KpIJYJn3V%2F1mksSZer496liQdHN6z6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cfb35e5-FRA

GET
H3 200 theia-sticky-sidebar.js Show response
www.securityweek.com/wp-content/plugins/theia-sticky-sidebar/js/ 7 KB
3 KB 51ms
46ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1ad56a192cfb796852af711e1326b02a9af338326a60fe291ca65fe8763ddda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6502155
cf-polished: origSize=15926
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:24 GMT
server: cloudflare
etag: W/"63cf858c-3e36"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poPhLlKayUmbeYtDrxlWsr7sX6NH%2FSMimqhR8%2FvyxC%2FMntmpX3rBoqHva08G9kL%2Bw4fNAXvdSP95PvE7guB1eA5SyRznIFeUPuEWIRDP4dTn7o9x32jbDcKkNCdnSNJ77akAliZ0iYEdQBdS98VOichd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cfc35e5-FRA

GET
H3 200 ResizeSensor.js Show response
www.securityweek.com/wp-content/plugins/theia-sticky-sidebar/js/ 3 KB
2 KB 69ms
64ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb4bd4419d686ab440d7ceb2101dcd4155b4f18a12c99052a44fb503c349afed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762685
cf-polished: origSize=5955
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-1743"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=podDjzCcc0rzbskzQF1NYbmu3wpiKDx0hD40EaJIXb0S6Jx8ZMZDwYWjYXwxBNLsKNEUlfGrS1ZXffXF4Io9BD25KTI0D9afU3JG6H72MqgekkWGS4rVsi9gMaQYiIVGZ4EgMcAr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cfe35e5-FRA

GET
H3 200 security-week.js Show response
www.securityweek.com/wp-content/plugins/securityweek/assets/js/ 362 B
694 B 43ms
39ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/securityweek/assets/js/security-week.js?ver=1.3
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35fa213f71b954999771aef54be9c8a4c7d793353ea3f575cb116d00dd58f2b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762685
cf-polished: origSize=608
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-260"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkgjSbW0V7kN4kjWkcnYGmgghxRXUzvR8EI2l1fLWVMcFrIg18NUt2DFs3JFLRbIUzuX6SgiILecb5qyeAsLpUq5xqA0agZekwevvX7f6mMFcTfHbTz31%2BT7jCG1bcJ8%2BDuKhGE7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09cff35e5-FRA

GET
H2 200 5319632.js Show response
js.hs-scripts.com/ 1 KB
1 KB 214ms
140ms Script
application/javascript 2606:4700::6812:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5319632.js?integration=WordPress&ver=10.1.24
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cffd41a354fcf84a2694e117f70a949a920d0de2313f603a5dbaecd7b8cf5d6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ae559319-dec1-48c3-b4ac-3d56f9cea3ca
x-envoy-upstream-service-time: 11
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ae559319-dec1-48c3-b4ac-3d56f9cea3ca
last-modified: Mon, 10 Jul 2023 11:52:34 GMT
server: cloudflare
x-trace: 2BC4659EE315B485983362DA745AD36500511E17C5000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.securityweek.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-5grng
cf-ray: 7e48dbc10fd49107-FRA
expires: Mon, 10 Jul 2023 12:38:30 GMT

GET
H3 200 comment_embed.js Show response
www.securityweek.com/wp-content/plugins/disqus-comment-system/public/js/ 878 B
859 B 52ms
48ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.23
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6542871
cf-polished: origSize=1232
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 18:24:46 GMT
server: cloudflare
etag: W/"64481aee-4d0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2HG9bChvSRqq4ISc%2FvdEsnFvZ9MYbEnEGxZgkwjDb2DEbjI%2BFQNUkxFdHEsqWNJzLmrLlgbfFab2RLCFSwXttnzCwipItARPv%2BYE%2BJlpsRsrSnKQChBmnLwRlw9okpJlLe%2BDU5B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09d0135e5-FRA

GET
H3 200 comment_count.js Show response
www.securityweek.com/wp-content/plugins/disqus-comment-system/public/js/ 708 B
856 B 65ms
61ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.23
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6499900
cf-polished: origSize=889
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 18:24:46 GMT
server: cloudflare
etag: W/"64481aee-379"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qv6%2BC79OSP9HausLnO6uDgVv6BWWTl0SDKphzRmvD3nBy0wwOLx5dvaXZpmtvS5Ws2m7pKATl4qRjasizbMSEzGhCn0mA6VKfYsuviH7oTDLOupbJhI7wdeOYNfwSrMosSEys98g"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09d0335e5-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
86 KB 121ms
51ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9QV8NZWNBC

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a43616353f66acf8abddfed211efd923f62fc55f5a75c6c192513799e2751d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 10 Jul 2023 12:37:30 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 186ms
108ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc53e4cc0a4fc6d0b65f041d8a291c6ebe22d81700788dd2a15d76c4dafb847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25857
x-xss-protection: 0
server: cafe
etag: 484 / 19548 / 31075866 / config-hash: 4190376647550176277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 12:37:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
85 KB 156ms
86ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M1YM36C8RW

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09fdc021cb9b691ac0481ed0960f7d9e24e04d18ac8143fbcbe0b23c717188fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86823
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 10 Jul 2023 12:37:30 GMT

GET
H3 200 wpp.min.js Show response
www.securityweek.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
2 KB 52ms
48ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.3
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351a451c4a824da8e050c610f4092fe424479e3091620af618fd15f91455fe6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jun 2023 07:11:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1228274
etag: W/"64993a07-afc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Frr0fH%2BBgJBx3GQl0WZmZTyn9yjeTeBM7DgQhOTIf1ZZSnwowLGp2RGP4wPggUJbSTfADMu47uwpCXpT6onQ1lTcnGWcQfXtWgmrsiFmTLa60IbrNyd39eMqoO%2FesOdJvlGZ3C2MWu5hDYL7TVZkoPSc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09d0435e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tps-transition-slide.js Show response
www.securityweek.com/wp-content/plugins/theia-post-slider/js/ 2 KB
1 KB 52ms
48ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/js/tps-transition-slide.js?ver=1.15.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f50b7e2dd83cfd38b606d2eb70bcb99dd4d4c462295db0baecaeabe7812e8f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6502155
cf-polished: origSize=3219
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-c93"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfFZhS%2FFt2mPFLirpS4aUFNvrA22jRMabDO5Ss9hUlL%2F%2BlNs13Vf6UY5ssSXD84bhHzzttQex2B2Z3Ux%2FuDjqdt8Zr9r5UjvZlDp4egqOseHyH6rQcokmhD%2FXUFI4pE18abh45%2FWZew1CSeE1IdQPpY0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09d0535e5-FRA

GET
H3 200 main.js Show response
www.securityweek.com/wp-content/plugins/theia-post-slider/js/ 707 B
809 B 52ms
49ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/js/main.js?ver=1.15.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2914edb33157588c8d440c36f1ea06652c133febd1719a344d79d078ec6c41a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762683
cf-polished: origSize=1036
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-40c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwoXg0eeJ4EjFklLF4Qke3fD%2B%2Fb5yRgoOFSioozLIoTVLp23N4rlvTNZ5YqeD%2FYyVpUa3v1Vz7Z9eEe7MkfOmZMgRWYP8uFFLlV9L45wrvWM1wZ8Oku8KaRoGD2cLVdqYTNyaJ0s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09d0735e5-FRA

GET
H3 200 tps.js Show response
www.securityweek.com/wp-content/plugins/theia-post-slider/js/ 17 KB
5 KB 53ms
49ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/js/tps.js?ver=1.15.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41514feeb38f4f3d0fcc41d00d04c744e0e534930b030ca6efc0eedb892022ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762683
cf-polished: origSize=35644
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-8b3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXx%2BIOpQqjIl6wOThrY3IGqdyeprag4q7eILTIV36LPJ2l9fL%2BB8m3KznNYEAlWcp%2FpP%2B4ez2WELWGpVZp8sa%2BjKoADJN4MPK%2Bci3Ot46H4G9gXMr6fA6weVM1NLYI642v7w3Wbh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09d0835e5-FRA

GET
H3 200 async.min.js Show response
www.securityweek.com/wp-content/plugins/theia-post-slider/js/ 11 KB
4 KB 68ms
64ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/js/async.min.js?ver=14.09.2014
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42f8505b4b6d5476091672c8ebc27d1ed2b9d21a68890145135578a6737ef053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6500210
etag: W/"63cf858d-2c43"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjlQbCE%2FQeo%2FOW37oXQ56nyRdLIW%2B3kH5azoMyuVXa06m9qekJ148%2B61%2BDBrQ6Zrz3ikpvc4kby%2Bx2v4g62UlvD%2FMcK9gbC22ldd0MA16Izs60wbSfZBbsg8l%2BXQId52fHQLn8GJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09d0a35e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.history.js Show response
www.securityweek.com/wp-content/plugins/theia-post-slider/js/balupton-history.js/ 22 KB
7 KB 72ms
68ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/plugins/theia-post-slider/js/balupton-history.js/jquery.history.js?ver=1.7.1
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c54ab568b73e88af409e7615e9c6730d701234ebe9d64b131a08fccb0bef3deb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762683
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 07:15:25 GMT
server: cloudflare
etag: W/"63cf858d-598f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVPuimY3U6RwDD1uxdai5sXkHuRAzHywW87wZkPRR1PEcrQDk93Ad3QFfFtPfRg6GBHwuaWdxA%2B8XUzZga0CWUujM9ApqLBXt2DitvH6WtNe5J32JGxySjTbIz1N9jSFaAYNhabt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09d0b35e5-FRA

GET
H3 200 jquery-migrate.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ 13 KB
5 KB 68ms
64ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8306405
etag: W/"642d3aad-3470"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FwJ2%2BZo7DRXmgI6xZ7TplT5oMSf5gPARjwy7B2bUt1BLZEGD6EaIsT9l1xc97rAOwiU%2Fw%2FUN6fFU0KZOUDN%2B4PqYJdxMIrGkhpkEqIPbQ%2B7IHF5p%2Bh1QT0B6c9ZiMTtWyYf1HrX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09d0d35e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
www.securityweek.com/wp-includes/js/jquery/ 88 KB
32 KB 68ms
65ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3478362
etag: W/"642d3aad-15ed7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ItxyFLDSLqqtNpnLdiI451YaGL3%2FRdlRLjh4iLY7ZJZr1Lske4NfJe9vR%2FIZUYlIiB610ltG1bbfbHtNGv8rYYGx4ELEBsWuhA6Kzw7%2FVmbVZ%2FTZfW9gVjFi4ISCTb1N89tWWEHHtKgqetCWmSUdy2V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc09d0e35e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 vck.js Show response
cdn.justuno.com/ 2 KB
2 KB 111ms
34ms Script
application/javascript 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justuno.com/vck.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/apps/body/gTSU7w8TKow-r0zxLGZWiDD2jUk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa433b899311f6fcb718687df51be730a5a7a3c6ce4dc2474ff26a383307b2ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 10 Jul 2023 12:37:30 GMT
x-amz-version-id: IStAkkpAXub6mGXsU7R_eEc9Tjbt5OG9
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: EW9GBS7APZ1TYXN6
age: 117
cf-polished: origSize=3165
x-77-cache: HIT
x-cache: HIT
x-age: 720902
x-accel-date: 1683098116
alt-svc: h3=":443"; ma=86400
x-amz-id-2: G5d+cLjddbcfcjHQ9QByxx9HCoThojK45vZ0s4KHaCpHd3Si2jTdeFNwfCKmd470h7FQPoLHtYk=
x-77-nzt: AcO1ryepV7X/BgALAA
cf-bgj: minify
last-modified: Thu, 12 Nov 2020 22:18:40 GMT
server: cloudflare
etag: W/"0d90f75705633071cb4330dbccfe579a"
x-77-nzt-ray: 25b0213106d6b38b0a0a5d64e9d97f20
access-control-max-age: 3000
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: public, max-age=691200
cf-ray: 7e48dbc11cd21959-FRA
access-control-allow-headers: *
expires: Tue, 18 Jul 2023 12:37:30 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 104ms
41ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CTitillium+Web%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COswald%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CBarlow+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 22:13:59 GMT
x-content-type-options: nosniff
age: 138211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 22:13:59 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
18 KB 83ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 05:12:33 GMT
x-content-type-options: nosniff
age: 199497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18232
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 05:12:33 GMT

GET
H3 200 fa-brands-400.woff2
www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/webfonts/ 75 KB
75 KB 42ms
34ms Font
font/woff2 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2.2
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762691
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: "63cf8587-12bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHVOy2%2BlhBF9zo1s%2F6f7ZtMnKJ%2BDOSEeiDJQmlJThAMDA7HgxoTe6LtFbJ3%2B94OZTPQ3M5q3dwyAc87i2lgDghsY%2BOu0E%2FpLJ0x4QqS3hUS5jtN1Ku14SJhJgLHB5GPfq2mWdi4w"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbc0fd7435e5-FRA

GET
H3 200 fa-solid-900.woff2
www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/webfonts/ 76 KB
77 KB 40ms
32ms Font
font/woff2 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2.2
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762692
alt-svc: h3=":443"; ma=86400
content-length: 78268
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: "63cf8587-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Le3SARigN5s6Q2Ru4VM%2FAFGgrYojSJus%2BkBipGv4zcgIZeRmhG%2FIfUoK4qIh7UpG01aIEFH1rVUQVuzxeVeK5dA9srLwBbbDmOiekTQaa%2BCtFZYp28tPZHp5JCa3CYcc5zba2T2e"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbc0fd7635e5-FRA

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 89ms
27ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:29:39 GMT
x-content-type-options: nosniff
age: 277671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11796
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 07:29:39 GMT

GET
H3 200 fa-regular-400.woff2
www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/webfonts/ 13 KB
13 KB 60ms
53ms Font
font/woff2 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/webfonts/fa-regular-400.woff2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

Referer: https://www.securityweek.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2.2
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13762691
alt-svc: h3=":443"; ma=86400
content-length: 13224
last-modified: Tue, 24 Jan 2023 07:15:19 GMT
server: cloudflare
etag: "63cf8587-33a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiEZy37kf2lBH1a5roembZgQKpht96nMSqDIxQKoHICSAe3hVNe9EGFz7QC3pWe8aWiRTxSN0SkLsHqfI2aaCXpmsLMImAq0Vg056RmIYoiF96NXD%2FBiVMkXDLNwAP%2BzNMMIyFe3"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbc0fd7735e5-FRA

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 122ms
61ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 05:53:30 GMT
x-content-type-options: nosniff
age: 283440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12372
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 05:53:30 GMT

GET
H2 200 HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 20 KB
20 KB 117ms
56ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:32:51 GMT
x-content-type-options: nosniff
age: 335079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20200
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:28:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 15:32:51 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 10 KB
10 KB 115ms
53ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e59456a560f58d0b6b7934bfc06e0b2faee5d61e2bdb10eef541dd66bfebe0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 19:23:43 GMT
x-content-type-options: nosniff
age: 234827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10444
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 19:23:43 GMT

GET
H3 200 picture-106.jpg
www.securityweek.com/wp-content/uploads/2022/04/ 40 KB
40 KB 33ms
32ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/04/picture-106.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c901e4c09c6bc073c66983e5740b7769d3ff9f40c8018caafe08ddd625fc41df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1491713
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 40723
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-9f13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyStbb7we6R521OIbdXu2DFx%2FWOmSj6dvV3n1%2BpXomAV4mUwJzegmUqkqXu0iuklkYt2pJ1ok%2BOGWt1gKfIfO8Bt4oqfn6Uv%2BT1gFRekleNF0YHsx4xQr9Em7coOHixk2GRefMzc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbc18e3d35e5-FRA

GET
H3 200 Marc-Solomon_Bio.jpeg
www.securityweek.com/wp-content/uploads/2022/04/ 18 KB
19 KB 34ms
32ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2022/04/Marc-Solomon_Bio.jpeg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36380ba65c78f1e8a6ee7fd115d7053e7e0ba33f4a5fa1c79d05042fc5db85b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2180203
cf-polished: origSize=19258
alt-svc: h3=":443"; ma=86400
content-length: 18824
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 07:15:16 GMT
server: cloudflare
etag: "63cf8584-4b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kg3Ias9SsSw2y6e%2BkbqUis6QBSfYSdpjcu8v%2B5ODF0Rr76rqbdNK947OacVhPHywFUkEECajQzMnMJdSbXPfRrlxbDWLJVZHMfn%2BQgo9qZqR7pYBTRofVpSh0c52idqhL9nyRepa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbc18e4135e5-FRA

GET
H3 200 Derek-Manky-Fortinet.jpg
www.securityweek.com/wp-content/uploads/2023/03/ 32 KB
33 KB 34ms
32ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2023/03/Derek-Manky-Fortinet.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe36fa908b34f9ade012f62e4abfc6c563b2cc66aa8201b5aabd78b5663b747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1555253
cf-polished: origSize=34066
alt-svc: h3=":443"; ma=86400
content-length: 33107
cf-bgj: imgq:100,h2pri
last-modified: Thu, 23 Mar 2023 11:02:06 GMT
server: cloudflare
etag: "641c31ae-8512"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2WPGhrVFmLrzhBWEB2fLqyoB3ziy55uXzE7eCUpTa1japnssDCq4J%2BNDnU8cm8pxdtgAsR38Rt5Xa9dzd5Q27piL4f8m%2FKM%2FRVK82%2B1fbnZx0o%2B1imLILRFfIDyMm1azT8%2FZuCM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbc18e4235e5-FRA

GET
H3 200 Matt-Wilson_Netography.jpg
www.securityweek.com/wp-content/uploads/2023/01/ 37 KB
37 KB 36ms
34ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2023/01/Matt-Wilson_Netography.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8dbf228fd3b96810997d6d3e8b9e55e4b183cf9e3c8abe9407fcf1ad58a6979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1835622
cf-polished: origSize=40707
alt-svc: h3=":443"; ma=86400
content-length: 37815
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2023 01:45:27 GMT
server: cloudflare
etag: "63d872b7-9f03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiD9hD5sfVAGoZCQ9wUzwh1nMz%2F9mVxEbPQpfPhkh07nqc2qWjxxoU3d8Sz1%2B993rF5Ih7Hko9lAVV2xSgzT085FCt%2FXfePZ7vSPf9qy5FQwTA4r7su8S5FT9atjZoGIPJQZJ%2Fyw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbc19e4335e5-FRA

GET
H3 200 Matt-Honea.jpg
www.securityweek.com/wp-content/uploads/2023/05/ 55 KB
55 KB 41ms
39ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2023/05/Matt-Honea.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d7fe1edfe0835429f5f50fa1b03e99bbc8a49041cab3e8e2066381986a253e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1493117
cf-polished: origSize=71346
alt-svc: h3=":443"; ma=86400
content-length: 56173
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 May 2023 01:30:30 GMT
server: cloudflare
etag: "6459a236-116b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmTfFoQhe1ECXFABEyUukorKv26STW2xEgvRAzvuWWeLerpaRsmQyRR2%2BAnENKZcxeC%2B78Pw9eaJPuVD8aTMBNlZttWXFg7jVElvXmNLtNet0VLeqVmrekKjSiFJxtXny31PdQZ5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbc19e4435e5-FRA

GET
H3 200 Ransomware-Information-2023-600x337.jpg
www.securityweek.com/wp-content/uploads/2023/02/ 26 KB
26 KB 32ms
31ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2023/02/Ransomware-Information-2023-600x337.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c47493311effe3020f3e9d2d1efc214fbd84861a1b7410ce17dc9d24273b6911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13455371
cf-polished: origSize=29185, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 26284
cf-bgj: imgq:100,h2pri
last-modified: Thu, 02 Feb 2023 02:31:59 GMT
server: cloudflare
etag: "63db209f-7201"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbWgjV9uxty0EsmPnLLdFRp%2FWKG0MN3q4z3vc6GoAzNiVASolYcLAvOdXJzBPAmHg5c%2FFVPXC5yxpOg12Vqg3buxB1fOqlYS5LNB5uxcruhGLEUkvsg767I8MA%2BLsCrNjbYq4aAX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbc22f1535e5-FRA

GET
H3 200 Web3-Cyber-Insights-600x337.jpg
www.securityweek.com/wp-content/uploads/2023/02/ 24 KB
25 KB 39ms
39ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/wp-content/uploads/2023/02/Web3-Cyber-Insights-600x337.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec7456ce96879ccb2d875f9a7d337b8ee958fee1f5c6e21660712b5c14b1c8c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3448072
cf-polished: origSize=28741
alt-svc: h3=":443"; ma=86400
content-length: 24863
cf-bgj: imgq:100,h2pri
last-modified: Mon, 06 Feb 2023 02:43:57 GMT
server: cloudflare
etag: "63e0696d-7045"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYqGVnIcpyCzIP0cB40FNWjyoewvLzERYXBoqpb7fS9mHjm5IH5VdkhyG951Msu05x%2B04G%2B1OQ9iUlboy1PkoFEySc%2BlB1hG0z%2FC3N7jsgL1RuhxCPdZb1yTq7YK9xVQ5z1MKfKw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e48dbc22f1a35e5-FRA

GET
H2 200 account_version_check.html Show response
my.justuno.com/ajax/ 36 B
366 B 51ms
35ms Script
application/json 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.justuno.com/ajax/account_version_check.html?id=A230AE4D-581E-411F-ACCB-A081243B2697
Requested by: Host: cdn.justuno.com
URL: https://cdn.justuno.com/vck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fca95b24818f6d49927151bece29ed04d9137b3ddde4fcdeae182ca0288c60c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:30 GMT
cf-cache-status: HIT
age: 474
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
alt-svc: h3=":443"; ma=86400
content-length: 36
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 10 Jul 2023 05:29:36 PST
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=30
accept-ranges: bytes
cf-ray: 7e48dbc24e7d1959-FRA
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
expires: Mon, 10 Jul 2023 12:38:00 GMT

GET
H2 200 mwgt_4.1.js Show response
cdn.justuno.com/ 207 KB
52 KB 40ms
39ms Script
application/javascript 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justuno.com/mwgt_4.1.js?v=5.72
Requested by: Host: cdn.justuno.com
URL: https://cdn.justuno.com/vck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03162119b88f02a4d3e49eaabb688d4a2deea589bee997f84613fabf7f79bcd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 10 Jul 2023 12:37:30 GMT
x-amz-version-id: blgLG37zNSgPD0y6nTnR.h2X4UXwhDcL
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: B9WX4YB334KCSVC3
age: 232846
cf-polished: origSize=282159
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 23
x-accel-date: 1688759781
alt-svc: h3=":443"; ma=86400
x-amz-id-2: XX45OLj+giBf7hcgKdqQugsjkuix/ibcAIEyzAPh5XB0XfUzJmzrPSjEM4G5p0l99g5RMNZG3vw=
x-77-nzt: AZySIYs8EPn/FwAAAA
cf-bgj: minify
last-modified: Wed, 21 Jun 2023 19:38:45 GMT
server: cloudflare
etag: W/"b1bb87468c83382e38e1c734ce6fe921"
x-77-nzt-ray: cf878727b3d8fb33fc6da864c7087512
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=700000
cf-ray: 7e48dbc28ebf1959-FRA
access-control-allow-headers: *
expires: Tue, 18 Jul 2023 15:04:10 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.securityweek.com/wp-includes/js/ 18 KB
5 KB 34ms
34ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3478363
etag: W/"642d3aad-4904"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4b61DCBqwDRnEpm%2BclWe9NRecq4joCaN4tHRMu1p3Qj2E6grOTy8ePR7XbzpE%2FHCDqOmtroMy8Vvvfid26yMC5BCc0iN89DpST8DaJVgk%2B1MMjX3cco%2B6UhXC8DnXkW%2BUMHpT99NBQf%2BBrIbzGcWrSL1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e48dbc67ccc35e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 app.js Show response
ads.securityweek.com/ 67 KB
13 KB 197ms
41ms Script
application/javascript 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.securityweek.com/app.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 Sigmaringen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 7d9b7ee9ae860b2f27e08578dacc166269ab838417994fb62c568ff40245b5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2023 20:55:24 GMT
server: nginx
etag: W/"6414d3bc-10c8e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Mon, 10 Jul 2023 13:07:31 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/ 392 KB
125 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075866

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d076633408bf78e086b9125a46176d2fdeaf3a5d5b52bb9b3a9d562cea646006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10502
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127592
x-xss-protection: 0
server: cafe
etag: 1084883806831873288
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 09 Jul 2024 09:42:29 GMT

GET
H/1.1 200
OK count.js Show response
securityweek.disqus.com/ 1 KB
2 KB 119ms
25ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://securityweek.disqus.com/count.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.23

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 12:37:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 224
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 07 Jul 2023 20:22:44 GMT
Server: nginx
ETag: "64a87414-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: sv_bBSs2C_tWGhh3o6ikbPmHyuTa4IQ3Lsn5-AanBbQd1xPyPuMWOw==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 91ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M1YM36C8RW&gtm=45je3750&_p=168782666&cid=162994869.1688992651&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688992651&sct=1&seg=0&dl=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&dt=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%27APT38%27%20Group%20-%20SecurityWeek&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M1YM36C8RW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 12:37:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.securityweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 72ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9QV8NZWNBC&gtm=45je3750&_p=168782666&cid=162994869.1688992651&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688992651&sct=1&seg=0&dl=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&dt=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%27APT38%27%20Group%20-%20SecurityWeek&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9QV8NZWNBC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 12:37:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.securityweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK embed.js Show response
securityweek.disqus.com/ 78 KB
25 KB 105ms
25ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://securityweek.disqus.com/embed.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.23

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

df70b40750b32dd5f0644635c1922bb61b37f5013881c0386ccd0b742a643636

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 12:37:31 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 97
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25396

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 112ms
30ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.securityweek.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075866

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
15 KB 79ms
79ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1594850320398092&correlator=3049616022171019&eid=31072020%2C31075866%2C31075904&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fifs&iu_parts=1009451%2CSecurityWeek-Home-300x600%2CNewSW-970x90-Homepage%2CNewSW-300x600-Article-Right%2CNewSW-300x250-Home%2CNewSW-300x250-Article&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x600%2C970x90%2C300x600%2C300x250%2C300x250&ifi=1&adks=1565590840%2C2323175181%2C154041892%2C3002022740%2C665154368&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1688992651424&lmt=1674504300&dlt=1688992650124&idt=1268&adxs=-9%2C-9%2C1100%2C-9%2C1100&adys=-9%2C-9%2C773%2C-9%2C3269&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0%7C-1%7C1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C300x0%7C0x-1%7C300x0&msz=0x-1%7C0x-1%7C300x600%7C0x-1%7C300x250&fws=2%2C2%2C4%2C2%2C4&ohw=0%2C0%2C1600%2C0%2C1600&ga_vid=162994869.1688992651&ga_sid=1688992651&ga_hid=168782666&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075866

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

040d078097e2a488708bd4b4b705a6ce26e7bb61dfb16cc294301083f3cb6e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15437
x-xss-protection: 0
google-lineitem-id: -2,6180097320,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138417024217,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9f680d97fa27aa6285466d0d84937ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F86 6 KB
3 KB 147ms
29ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9f680d97fa27aa6285466d0d84937ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075866

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 12:37:31 GMT
expires: Tue, 09 Jul 2024 12:37:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5319632.js Show response
js.hs-analytics.net/analytics/1688992500000/ 66 KB
21 KB 250ms
180ms Script
text/javascript 2606:4700::6810:8ace
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1688992500000/5319632.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5319632.js?integration=WordPress&ver=10.1.24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbac39d3d3370e9ea0816fd757737e3d0ea6d4c30a4dbc61df4b89f38a64dee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: T1313TY3Q0AA9AT7
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 8e7af87d-8418-4944-9fdf-ffa779a2277b
x-envoy-upstream-service-time: 31
x-amz-id-2: 37noDyVGfZHltZQluIFlETCobDjjVLDvu4AkALNvIUh9/UZ9QExCeegWfcO+o9ZwJxx8vgzejek=
x-evy-trace-listener: listener_https
x-request-id: 8e7af87d-8418-4944-9fdf-ffa779a2277b
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 15 Jun 2023 14:48:07 GMT
server: cloudflare
etag: W/"32abd2594e9bba3d2dcc89617cc96410"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7e48dbc81dc41c2e-FRA
expires: Mon, 10 Jul 2023 12:42:31 GMT

GET
H2 200 5319632.js Show response
js.hs-banner.com/ 60 KB
16 KB 476ms
417ms Script
text/javascript 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5319632.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5319632.js?integration=WordPress&ver=10.1.24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7c91227ed1cf1d83d32996e4e61a4f77dbdbbc9920a3a29f5ab522d237c74b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
x-amz-version-id: Re7uVMKIIL3DzEPcXMU7stPISkZ1nT3r
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: AEN2Q4J07VAYWJZQ
x-amz-server-side-encryption: AES256
x-amz-id-2: ihYDtqv8FlUv3/fdAg4U5NaEbIARIfB1KeWQUjR4pXvO20vBSDNE9zD50i0DGh3cqS+cCg0w4S5qIl0kKdMbYQ==
last-modified: Mon, 17 Apr 2023 15:35:42 GMT
server: cloudflare
etag: W/"fbac0553015dccf82e36fcb606c4d982"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7e48dbc80a8c3664-FRA
expires: Mon, 10 Jul 2023 12:42:31 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 193ms
134ms Script
application/javascript 2606:4700::6811:6cc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5319632.js?integration=WordPress&ver=10.1.24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6cc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f54b61a120e0240c98428d76beab031099f4f0379cbc623de071277255088fdc

Request headers

Referer: https://www.securityweek.com/
Origin: https://www.securityweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
x-amz-version-id: 3rNMTio6eswfsQ6sgXOFNNmyULDAVi34
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 8bf48e1c-fb1b-44b9-ba9e-5d8e378ed147
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.380/bundles/project.js&cfRay=7e48dbc80f1a1d9e-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8bf48e1c-fb1b-44b9-ba9e-5d8e378ed147
last-modified: Mon, 10 Jul 2023 09:43:19 UTC
server: cloudflare
etag: W/"85b7f9af32b27bd6cc93e80bfb2911df"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xhv87
cf-ray: 7e48dbc80f1a1d9e-FRA
x-amz-cf-id: FC-DJ2k0BGF1M8GvKx8iekjWv1zy-UcxZrpggVQuimckR7NEHr3bBQ==
x-hs-target-asset: collected-forms-embed-js/static-1.380/bundles/project.js

GET
H3 200 vck.js Show response
cdn.justuno.com/ 2 KB
2 KB 33ms
33ms Script
application/javascript 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justuno.com/vck.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/apps/body/gTSU7w8TKow-r0zxLGZWiDD2jUk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa433b899311f6fcb718687df51be730a5a7a3c6ce4dc2474ff26a383307b2ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 10 Jul 2023 12:37:31 GMT
x-amz-version-id: IStAkkpAXub6mGXsU7R_eEc9Tjbt5OG9
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: EW9GBS7APZ1TYXN6
age: 4152
cf-polished: origSize=3165
x-77-cache: HIT
x-cache: HIT
x-age: 720914
x-accel-date: 1683098116
alt-svc: h3=":443"; ma=86400
x-amz-id-2: G5d+cLjddbcfcjHQ9QByxx9HCoThojK45vZ0s4KHaCpHd3Si2jTdeFNwfCKmd470h7FQPoLHtYk=
x-77-nzt: AcO1ryfCG7P/EgALAA
cf-bgj: minify
last-modified: Thu, 12 Nov 2020 22:18:40 GMT
server: cloudflare
etag: W/"0d90f75705633071cb4330dbccfe579a"
x-77-nzt-ray: 25b021315ae1169e160a5d64d47d100c
access-control-max-age: 3000
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: public, max-age=691200
cf-ray: 7e48dbc7abd79042-FRA
access-control-allow-headers: *
expires: Tue, 18 Jul 2023 12:37:31 GMT

GET
H3 200 3 Show response
www.securityweek.com/wp-json/wordpress-popular-posts/v1/popular-posts/widget/ 4 KB
2 KB 649ms
648ms XHR
application/json 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.securityweek.com/wp-json/wordpress-popular-posts/v1/popular-posts/widget/3?is_single=16121

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

1f64e05d315830f4098f8cf31c24c5e26397384d785bda84b0115ed6073c50b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
X-WP-Nonce: 0ae2cbdfda
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:32 GMT
x-cache-group: normal
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: SHORT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: WP Engine
x-cache: MISS
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
allow: GET
content-type: application/json; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENpX%2BHNNIuIPRwt0l2xcadQBTJupWdlA8mcBloH7qNOr7qDJA%2BY1RC%2Fzx5MP1oUCL4TntWsdzDRfPaT4U3elvdz%2B7RYIQZTqtf3QF%2B643x5gSKftgCyuMEsarqfMRdJHSF%2FMCxxkez2toHu8ZHPj%2BkpI"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=600, must-revalidate
x-robots-tag: noindex
link: <https://www.securityweek.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 7e48dbc7becb35e5-FRA
x-wp-nonce: 0ae2cbdfda

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 132ms
70ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075866

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b511690cdc08f45b653de11f88450e329843818d85f3b2ef9f0e4062fd2ced8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11821
x-xss-protection: 0

GET
H3 200 store_4.1.html Show response
cdn.justuno.com/ Frame FC47 2 KB
1002 B 58ms
57ms Document
text/html 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justuno.com/store_4.1.html?v=5.72
Requested by: Host: cdn.justuno.com
URL: https://cdn.justuno.com/mwgt_4.1.js?v=5.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=700000
cf-cache-status: DYNAMIC
cf-ray: 7e48dbc7cbf49042-FRA
content-encoding: br
content-type: text/html
date: Mon, 10 Jul 2023 12:37:31 GMT
last-modified: Tue, 31 Mar 2020 15:31:26 GMT
server: cloudflare
vary: Accept-Encoding
x-77-cache: HIT
x-77-nzt: AZySIYhmqoP/pI0DAA
x-77-nzt-ray: f6587a1d67ec6d818bfbab64adfe901e
x-77-pop: frankfurtDE
x-accel-date: 1688759783
x-age: 232868
x-amz-id-2: I8+Gj1p7RfnXg//zDAFCS95EZV4LmmKCBAjl+/I6jtIG5lgCDO0ZZWqWlfCziHsMnZpdR2ka9tU=
x-amz-request-id: H3FGRXTBK96RK89B
x-amz-version-id: n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-cache: HIT

POST
H3 204 rum Show response
www.securityweek.com/cdn-cgi/ 0
145 B 25ms
20ms XHR
text/plain 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.securityweek.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.securityweek.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7e48dbc80f4335e5-FRA

GET
H/1.1 200
OK recommendations.js Show response
securityweek.disqus.com/ 64 KB
21 KB 138ms
137ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://securityweek.disqus.com/recommendations.js

Requested by

Host: securityweek.disqus.com
URL: https://securityweek.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

7d8fb4417a8880d05930065c79ad4f70bfaae7c9279dae41c16e5b148793fe82

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 12:37:31 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21157

GET
H2 200 ;ID=179018;size=970x250;setID=593294;type=async;domid=placement_593294_0;place=0;pid=4214085;sw=1600;sh=1200;spr=1;rnd=4214085;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-ban... Show response
ads.securityweek.com/adserve/ 2 KB
1 KB 44ms
43ms Script
application/javascript 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;ID=179018;size=970x250;setID=593294;type=async;domid=placement_593294_0;place=0;pid=4214085;sw=1600;sh=1200;spr=1;rnd=4214085;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.159.97.6 Sigmaringen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

52d0ac131db1f449986c81449f2cc3a2bdd6373bc0f107915c5bcc4bb5ff7cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=179018;size=300x250;setID=605204;type=async;domid=placement_605204_0;place=0;pid=4214085;sw=1600;sh=1200;spr=1;rnd=4214085;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-ban... Show response
ads.securityweek.com/adserve/ 2 KB
1 KB 42ms
41ms Script
application/javascript 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;ID=179018;size=300x250;setID=605204;type=async;domid=placement_605204_0;place=0;pid=4214085;sw=1600;sh=1200;spr=1;rnd=4214085;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;click=CLICK_MACRO_PLACEHOLDER

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.159.97.6 Sigmaringen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

6631e2597f0a7c814db686a76a0f8e2aedc605f3d72f26fdcfc94cc93a4d40b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=179018;size=640x480;setID=479628;type=async;domid=placement_479628_0;place=0;pid=4214085;sw=1600;sh=1200;spr=1;rnd=4214085;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-ban... Show response
ads.securityweek.com/adserve/ 2 KB
1 KB 43ms
42ms Script
application/javascript 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;ID=179018;size=640x480;setID=479628;type=async;domid=placement_479628_0;place=0;pid=4214085;sw=1600;sh=1200;spr=1;rnd=4214085;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.159.97.6 Sigmaringen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

b6517ef34881c399f4ead04233ff1c198954537e96068e03e5afdde5b9b39f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 97ms
29ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075866

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Jul 2023 12:37:31 GMT

GET
H2 200 ;MID=179018;type=e959fb862;placementID=2118084;setID=605204;channelID=0;CID=775050;BID=521108503;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-a... Show response
ads.securityweek.com/adserve/ 0
341 B 161ms
40ms XHR
text/html 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;MID=179018;type=e959fb862;placementID=2118084;setID=605204;channelID=0;CID=775050;BID=521108503;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;mt=1688992651596220;hc=2af5cb4f4d0ddbd98debd13002c63d242ae436dd

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.159.97.6 Sigmaringen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=3869866
ads.securityweek.com/getad.img/ 104 KB
104 KB 72ms
71ms Image
image/png 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.securityweek.com/getad.img/;libID=3869866
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 Sigmaringen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: fb0ad3d12da61ddc15d083c3d817537463de467626e2e2a528022a7891b481f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
last-modified: Mon, 19 Jun 2023 17:24:37 GMT
server: nginx
etag: "64908f55-19f48"
content-type: image/png
access-control-allow-origin: https://www.securityweek.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="solidblue-agilitymeetssecurity-learnmore_300x250.png"
accept-ranges: bytes
content-length: 106312
expires: Tue, 09 Jul 2024 05:37:31 PDT

GET
H2 200 ;MID=179018;type=e959fb862;placementID=2114926;setID=479628;channelID=0;CID=773887;BID=521099255;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-a... Show response
ads.securityweek.com/adserve/ 0
342 B 159ms
39ms XHR
text/html 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;MID=179018;type=e959fb862;placementID=2114926;setID=479628;channelID=0;CID=773887;BID=521099255;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;mt=1688992651597065;hc=db063f2d1e2c01eb116b307acb8a73bce38bb9f8

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.159.97.6 Sigmaringen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=3866005
ads.securityweek.com/getad.img/ 226 KB
226 KB 35ms
35ms Image
image/png 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.securityweek.com/getad.img/;libID=3866005
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 Sigmaringen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 594a9ae0946c65c5b0d44f36c80bd30e19748d90cc50129910d69642cb80825e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
last-modified: Wed, 14 Jun 2023 19:22:25 GMT
server: nginx
etag: "648a1371-3869a"
content-type: image/png
access-control-allow-origin: https://www.securityweek.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="bubble-agilitymeetssecurity-learnmore_640x480.png"
accept-ranges: bytes
content-length: 231066
expires: Tue, 09 Jul 2024 05:37:31 PDT

GET
H2 200 ;MID=179018;type=e959fb862;placementID=2118090;setID=593294;channelID=0;CID=775056;BID=521108512;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-a... Show response
ads.securityweek.com/adserve/ 0
341 B 160ms
41ms XHR
text/html 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;MID=179018;type=e959fb862;placementID=2118090;setID=593294;channelID=0;CID=775056;BID=521108512;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;mt=1688992651597834;hc=eb98a80efb2ce8cc95b7dff18d12e256978f5faf

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.159.97.6 Sigmaringen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=3869885
ads.securityweek.com/getad.img/ 91 KB
91 KB 70ms
70ms Image
image/jpeg 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.securityweek.com/getad.img/;libID=3869885
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 Sigmaringen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 84a0cc2980f8f000ab8190daf3e806d0d8882c22df0f51b69debf18273b6f97d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
last-modified: Mon, 19 Jun 2023 18:01:48 GMT
server: nginx
etag: "6490980c-16c4f"
content-type: image/jpeg
access-control-allow-origin: https://www.securityweek.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="Cloud 970x250 banner for website.jpg"
accept-ranges: bytes
content-length: 93263
expires: Tue, 09 Jul 2024 05:37:31 PDT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 185A 7 KB
4 KB 215ms
150ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default

Requested by

Host: securityweek.disqus.com
URL: https://securityweek.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

15f8c4e92ee10d8a0de4cf218c6539722d0f721147cb1526972120af64163005

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2910
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 10 Jul 2023 12:37:31 GMT
ETag: W/"lounge:view:7629071679.d29867ab0d8a6464601d2d8a26db4e6f.2"
Last-Modified: Sat, 11 Feb 2023 12:39:27 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
436 B 122ms
120ms XHR
application/json 2606:4700::6811:6cc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=5319632&utk=
Requested by: Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6cc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0978438d354ec5e681207be25f53c69b24700125938105927de69dc0e55bcd48

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.securityweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ee3f8bd5-0e1d-46e2-9c1d-90311af6fb2d
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ee3f8bd5-0e1d-46e2-9c1d-90311af6fb2d
server: cloudflare
access-control-max-age: 180
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.securityweek.com
x-evy-trace-virtual-host: all
content-type: application/json;charset=utf-8
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-5c7n7
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7e48dbc928d11d9e-FRA

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 39A6 13 KB
5 KB 23ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 11:57:25 GMT
expires: Tue, 09 Jul 2024 11:57:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E6C6 783 B
1 KB 106ms
44ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5908fcde877391edcd33adfdcdf55890d793c2b025c75becdaa45220f86588ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bxy6EMm6TJog6Dq6ook86g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Bxy6EMm6TJog6Dq6ook86g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 12:37:31 GMT
expires: Mon, 10 Jul 2023 12:37:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 195ms
135ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2241961375&v=1.1&a=5319632&ct=blog-post&rcu=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&pu=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t=North+Korean+Attacks+on+Banks+Attributed+to+%27APT38%27+Group+-+SecurityWeek&cts=1688992651739&vi=3586c9d846cb8ee3d6309737c4496b8b&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7f3dabdf-fd65-4a1c-a8b9-0acedda8da89
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7f3dabdf-fd65-4a1c-a8b9-0acedda8da89
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsmsqIVeT5EKnaLRJvFkCE3xSfYQKS85vduTtdP%2BFD%2B8qLiVedkOxSFJtdRl2gdJ6eOgc6jYzAxv75hwGdPCA3o0giv5sp5ciEcmFej9aB9npdhNn9FqhWewef86M5N5hJMENJwoTX2b4C1xIzGz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-wnd65
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7e48dbc9cbcd3720-FRA
x-robots-tag: none

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 39A6 37 KB
14 KB 64ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 10:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 10:26:50 GMT

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
983 B 187ms
143ms Image
image/gif 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 12:37:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: d3c35bb8-b240-478d-b9c4-c2a3a8398815
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d3c35bb8-b240-478d-b9c4-c2a3a8398815
Server: cloudflare
X-Trace: 2BD5E2DA1971E85443331159FCAFE2694F4D67B125000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-rgcrk
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7e48dbca38089188-FRA

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E6C6 0
0 55ms
54ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307060101&jk=1594850320398092&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame F478 6 KB
4 KB 176ms
130ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group

Requested by

Host: securityweek.disqus.com
URL: https://securityweek.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

18a433a2bd904be76b68dd34f7f93e4bf6870f8cd0077648eee4c527220f44cb

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2407
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 10 Jul 2023 12:37:32 GMT
Last-Modified: Sat, 11 Feb 2023 12:39:27 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 lounge.load.c5d69eafe85f78750ffae9d8cbec4170.js Show response
c.disquscdn.com/next/embed/ Frame 185A 1 KB
1 KB 99ms
20ms Script
application/javascript 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.c5d69eafe85f78750ffae9d8cbec4170.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

189f20ed03b45185e18abcd31209e01ba74145516ac1ced38e9c924bf8d08e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 10 Jul 2023 08:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 14766
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 624
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Mon, 10 Jul 2023 08:24:45 GMT
server: nginx
etag: "64abc04d-270"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 1V_fPGqAEbkskoqWTDFHrJrEAKOgZWT-_vPT5EJNajXIgpDlWQGUfg==
expires: Tue, 09 Jul 2024 08:31:26 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 39A6 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fV7oJw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 162ms
121ms Preflight
application/octet-stream 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.securityweek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.securityweek.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 7e48dbcb0d916969-FRA
content-length: 0
content-type: application/octet-stream
date: Mon, 10 Jul 2023 12:37:32 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: cfb9f465-f33f-4ad3-908d-0e26ad2a6a1e
x-request-id: cfb9f465-f33f-4ad3-908d-0e26ad2a6a1e

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
151 B 138ms
137ms XHR
text/plain 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/5319632.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.securityweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 10 Jul 2023 12:37:32 GMT
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e9e6a82f-8fd5-47c1-938b-7822a965a9a1
x-envoy-upstream-service-time: 16
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e9e6a82f-8fd5-47c1-938b-7822a965a9a1
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.securityweek.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7e48dbcbce5f6969-FRA

GET
H2 200 common.bundle.42272221620e218896f3973a3bb140e2.js Show response
c.disquscdn.com/next/embed/ Frame 185A 280 KB
93 KB 65ms
23ms Script
application/javascript 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.c5d69eafe85f78750ffae9d8cbec4170.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d23fd6a13b657ba55789f4a8b098f72d86e253917a83af15a2e4e6ed23a9e5c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 16 Jun 2023 20:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 2045947
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94141
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 16 Jun 2023 20:12:30 GMT
server: nginx
etag: "648cc22e-16fbd"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 1nNxJ0iRUGmS_JP3mOswsS3pzlK6h9wX3oPJToJrMr0tT8yhb69Osg==
expires: Sat, 15 Jun 2024 20:18:25 GMT

GET
H2 200 recommendations.load.af5dcff7c80ddb6cb8b656857138adf1.js Show response
c.disquscdn.com/next/recommendations/ Frame F478 923 B
1 KB 20ms
19ms Script
application/javascript 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.af5dcff7c80ddb6cb8b656857138adf1.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e4cc94b363c56c58b41c39282ca5728110a71e97c1eb51d03a8b6c98536d5727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 16 Jun 2023 20:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 2045933
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 450
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 16 Jun 2023 20:12:30 GMT
server: nginx
etag: "648cc22e-1c2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: ImCTgT1fZaTSdRsjJOH-fP3dA7N2pYeX_y5d2Bl-liXiDKonWIBROA==
expires: Sat, 15 Jun 2024 20:18:39 GMT

GET
H2 200 common.bundle.26820753104bbfb2cc90e573a2447f47.js Show response
c.disquscdn.com/next/recommendations/ Frame F478 262 KB
87 KB 53ms
52ms Script
application/javascript 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.26820753104bbfb2cc90e573a2447f47.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.af5dcff7c80ddb6cb8b656857138adf1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bf8b01a15285873abfae001dc9804d07312ad4cbb565784ec31dd82c71d1f94c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 16 Jun 2023 20:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 2045938
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88850
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 16 Jun 2023 20:12:30 GMT
server: nginx
etag: "648cc22e-15b12"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: yDNoRoC11qemOqN-9yC-CS90VPNkZErdzhFCJZsqErXnXBkgF-Hisg==
expires: Sat, 15 Jun 2024 20:18:34 GMT

GET
H2 200 lounge.dbc47866f009f9d6f1556cd58214d9a3.css
c.disquscdn.com/next/embed/styles/ Frame 185A 233 KB
33 KB 20ms
20ms Stylesheet
text/css 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 30 May 2023 18:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3519852
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33282
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 30 May 2023 18:28:53 GMT
server: nginx
etag: "64764065-8202"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 8aj3RagK7W1PHnbDuUJFrbM5iTv9SzgyV1CBWw38ZS8XptWpqjnHMA==
expires: Wed, 29 May 2024 18:53:20 GMT

GET
H2 200 lounge.bundle.4f59045464d6bb3bde763cae39431e65.js Show response
c.disquscdn.com/next/embed/ Frame 185A 513 KB
129 KB 20ms
19ms Script
application/javascript 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.4f59045464d6bb3bde763cae39431e65.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7f8e953d987dfbcdea58a375ca3bf77c141cbeb6d831a62575f2d630782c61ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 10 Jul 2023 08:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 14765
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 130966
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Mon, 10 Jul 2023 08:24:45 GMT
server: nginx
etag: "64abc04d-1ff96"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: xPEwTLJZVj8B0Aagw521PpoFln1cJGLSTvB2K5en-DSa5qVxljsGzg==
expires: Tue, 09 Jul 2024 08:31:26 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 185A 18 KB
19 KB 30ms
30ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5e6e72a7fdd0fac29c07c4a45ab199a77ede8cfb80e3057a94a0e8c53e316fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 12:37:32 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 34
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 18720
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame F478 14 KB
3 KB 20ms
20ms Stylesheet
text/css 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.26820753104bbfb2cc90e573a2447f47.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ad59b3c437a380375b4205e22d9bf50856690b094d2fa425ae90971f5b58758e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 15 May 2023 21:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 4808086
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2968
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 15 May 2023 08:14:03 GMT
server: nginx
etag: "6461e9cb-b98"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: atL64yLdLgM7J7zqvnYjmNAF_3fh96xL_XB_nzsP7Rmsx77PBQFC3Q==
expires: Tue, 14 May 2024 21:02:46 GMT

GET
H2 200 recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js Show response
c.disquscdn.com/next/recommendations/ Frame F478 65 KB
20 KB 20ms
20ms Script
application/javascript 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.26820753104bbfb2cc90e573a2447f47.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 08 Feb 2023 19:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 13107575
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20326
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 08 Feb 2023 19:27:34 GMT
server: nginx
etag: "63e3f7a6-4f66"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: HkXAF5KnF9MhaF8Iy57t9StdHS1_XMxwDxyy8HJUZjI5GK2AmWIWhQ==
expires: Thu, 08 Feb 2024 19:37:57 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame F478 18 KB
19 KB 20ms
19ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.26820753104bbfb2cc90e573a2447f47.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5e6e72a7fdd0fac29c07c4a45ab199a77ede8cfb80e3057a94a0e8c53e316fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 12:37:32 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 34
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 18720
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 185A 3 KB
4 KB 123ms
122ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=securityweek&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dd6ecb2de64d9421f1cb5aeb28b25f287199206649273449573bc73a20b413f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 12:37:32 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3314
X-XSS-Protection: 1; mode=block

GET
H3 200 css2
fonts.googleapis.com/ Frame 185A 11 KB
874 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jul 2023 12:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:08:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jul 2023 12:37:32 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 185A 3 KB
3 KB 20ms
19ms Image
image/gif 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 15 May 2023 04:11:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 4868762
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 09 May 2023 18:32:30 GMT
server: nginx
etag: "645a91be-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: BB07YCuZbWpjZe1gJ_qYeG7R39lLwcGakczZw7ZkJDLRGGYqWLGC-w==
expires: Tue, 14 May 2024 04:11:29 GMT

GET
H2 200 email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 185A 840 B
1 KB 21ms
20ms Image
image/svg+xml 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 22 May 2023 07:46:28 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 4251064
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 840
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 18 May 2023 20:44:46 GMT
server: nginx
etag: "64668e3e-348"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: bR-wq7OduxB84CEoxKmpNBALpNuOVNZO1lR4Sef2vKu2ZB0kRzllQQ==
expires: Tue, 21 May 2024 07:46:28 GMT

GET
H2 200 privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 185A 891 B
1 KB 21ms
20ms Image
image/svg+xml 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 12 Nov 2022 02:28:02 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 20772570
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 891
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 11 Nov 2022 07:03:00 GMT
server: nginx
etag: "636df3a4-37b"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: aDjM_9NPJUIuB2De133XsZUbKcqHijcn7Spby_KFea_uuKeSq92Klg==
expires: Sun, 12 Nov 2023 02:28:02 GMT

GET
H2 200 warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 185A 605 B
1 KB 21ms
21ms Image
image/svg+xml 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 04 Dec 2022 10:05:42 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 18844310
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 605
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 01 Dec 2022 19:00:29 GMT
server: nginx
etag: "6388f9cd-25d"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: RZTYnKnVNnsvpake-z9Nj93M1Sbmibi2tIS7hjnmjAaSozgiz8Dfug==
expires: Mon, 04 Dec 2023 10:05:42 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 185A 8 KB
8 KB 22ms
22ms Font
application/octet-stream 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 09 May 2023 18:27:36 GMT
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 5335796
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 05 May 2023 08:10:53 GMT
server: nginx
etag: "6454ba0d-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: sKgqK2_YWWkF9H-6ELoM-wlJrCpSqcebE-J_E5ftxNzdTq2UxS9m9A==
expires: Wed, 08 May 2024 18:27:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 185A 15 KB
16 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 112683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2024 05:19:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 185A 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 310885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 22:16:07 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 185A 17 KB
17 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 15:45:29 GMT
x-content-type-options: nosniff
age: 161523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 15:45:29 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 185A 43 B
339 B 853ms
117ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.23&load_time=211&event=init_embed&thread=7629071679&forum=securityweek&forum_id=294163&imp=8ai97on2he5ea2&thread_slug=north_korean_attacks_on_banks_attributed_to_039apt38039_group&user_type=anon&referrer=https%3A%2F%2Fwww.securityweek.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=prebidbidisrequired_hidden&variant=active&service=dynamic&promoted_enabled=false&max_enabled=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 12:37:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3 200 account_config_4.1.html Show response
my.justuno.com/ajax/ 4 KB
2 KB 39ms
38ms Script
application/json 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.justuno.com/ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=A230AE4D-581E-411F-ACCB-A081243B2697&p=0&cm=0&pl=40
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecbc91caef45d6527347392a7e67754c5e7e3cf8c99395bf0d387fb1fe4dc8c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:32 GMT
content-encoding: br
cf-cache-status: HIT
age: 913
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 10 Jul 2023 05:22:19 PST
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; Charset=UTF-8
cache-control: no-store,private
cf-ray: 7e48dbce0aea9042-FRA
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
expires: Mon, 10 Jul 2023 12:22:19 GMT

GET
H2 200 findp Show response
aly.justuno.com/api/session/ 1 KB
836 B 187ms
165ms Script
application/javascript 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aly.justuno.com/api/session/findp?callback=jsonFindCallback&accid=A230AE4D-581E-411F-ACCB-A081243B2697&genhash=&device_static_hash=&userid_hash=&pageId=tds4wv&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&sw=1600&sh=1200
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937db94bc968ec667e89791a4743d92d073e9b640fc6db46122a829332347189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DAV, content-length, Allow
access-control-allow-credentials: true
cf-ray: 7e48dbce2d2f1959-FRA
access-control-allow-headers: X-CSRF-Token, x-rover-source, origin, x-requested-with, content-type, accept, cache-control
alt-svc: h3=":443"; ma=86400

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307060101&jk=1594850320398092&bg=!Q0ClQBTNAAb90kgr3dI7ADkAdvg8WoEHWZKJE7a8es5m9QiAg7QVbKgXtmH7zGC5Arrrg7gAwo2FPbjLm1aBqBxReo0afmAHhMQCAAAAk1IAAAAPaAEHCgAiWbsrUhBcbGWkmUuJz3cAruzmdJz1MnCX97ALoqblwpPJ6JkCsGjJ_G6cpAIZex57mKg3_-FhhtPtWJzmFpCuYyhqbSAXZYy7MkHw9zt42jqbCOZ6itUfC0UKTrb6M2sEzD20GOxvKRynnfbY7fjFUX1LgzeIwGY7ii94IC8DqYA70G2YqyNMvdz24r_7oH_Sr2qp1nPQO-Fe1Ow1tx4WZluH6mrITl6Ut8COUtEW8G_uNwgtNBS34Ol57GM5Q-qMjAPgtO614GLHCIclsg6E2-3A1tx5lfUPGCH7zZ_k1bAhExYCfsuXcI7W12harPpBndY0QMHy203CJKc-yurdEGemOTDQfSpZoFsET81we84Q9GMDPFTuSA93B9OYb-EZ8KfI-2VRMs3yAi-tvGyJrOQdGM7WRkC94OIFRYc4UKWdR-KcNxT82NjGeqZkON8Sw5n6AUyid2lSFfSgSUD-VbAmA3SnxWdWnLFj--Qj2dYbaKtqpKxUTDUDUtPtuJZTZUYQBVEwNfMf54srLiaHr971IkOyMwrf0nd_p5NbmRV3Ua5FJ60gypH92fy-alU4hGD_JJW3W-bAsBc9Npbyjq6S5Vp3XkfHa5NMyNP3LCpMWiG81VcuJ0Jo5VAqydNn8BRDzywKce5-0vOYS1M9ARqeacZWG6iWtncus7kXRZ9LYGfCauZqHBcISpQsYYuDTEEqLcDKylh8m2oGJ_BiilwAJIiEAc_i4RbU2P7ve4j4M_l8m7IHqqiIbCII0DXVVrUvL_DEGl2U7SC3j7hNkFCK_BYCZXaO9l0upX2T32JLKswipf0Yn9Cs9IdAgTCnrwEGQgUCGrVu7ca2VqbdObNA2PBvzYWN6KEKc8wl4UJH51Ehy4lkcsjZ447nU18ZbqxMkwGkoLRvmO13T47AotTOufhpxXkAz7zjDrJB2sQBVyLvTgYOsf5zkyWHJlFJplwP6Fs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 ;MID=179018;type=v959fb862;placementID=2118090;setID=593294;channelID=0;CID=775056;BID=521108512;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-a... Show response
ads.securityweek.com/adserve/ 0
341 B 40ms
39ms XHR
text/html 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;MID=179018;type=v959fb862;placementID=2118090;setID=593294;channelID=0;CID=775056;BID=521108512;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;mt=1688992651597826;hc=428a9690b51293509451ca55754a36920e963290

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.159.97.6 Sigmaringen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 12:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame F478 3 KB
4 KB 21ms
21ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=securityweek&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.26820753104bbfb2cc90e573a2447f47.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dd6ecb2de64d9421f1cb5aeb28b25f287199206649273449573bc73a20b413f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 12:37:33 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 1
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3314
X-XSS-Protection: 1; mode=block

GET
H3 200 store_4.1.html Show response
cdn.justuno.com/ Frame FD2C 2 KB
1002 B 37ms
36ms Document
text/html 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justuno.com/store_4.1.html?v=5.72
Requested by: Host: cdn.justuno.com
URL: https://cdn.justuno.com/mwgt_4.1.js?v=5.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0

Request headers

Referer: https://www.securityweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=700000
cf-cache-status: DYNAMIC
cf-ray: 7e48dbd28ff79042-FRA
content-encoding: br
content-type: text/html
date: Mon, 10 Jul 2023 12:37:33 GMT
last-modified: Tue, 31 Mar 2020 15:31:26 GMT
server: cloudflare
vary: Accept-Encoding
x-77-cache: HIT
x-77-nzt: AZySIYgLG8D/po0DAA
x-77-nzt-ray: f6587a1d67ec6d818dfbab64ffc3b00c
x-77-pop: frankfurtDE
x-accel-date: 1688759783
x-age: 232870
x-amz-id-2: I8+Gj1p7RfnXg//zDAFCS95EZV4LmmKCBAjl+/I6jtIG5lgCDO0ZZWqWlfCziHsMnZpdR2ka9tU=
x-amz-request-id: H3FGRXTBK96RK89B
x-amz-version-id: n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-cache: HIT

GET
H3 200 css2
fonts.googleapis.com/ Frame F478 11 KB
874 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jul 2023 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:17:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jul 2023 12:37:33 GMT

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame F478 7 KB
8 KB 22ms
22ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=securityweek&thread=ident%3A16121+https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.26820753104bbfb2cc90e573a2447f47.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

39bef9411ccd5dee3e0f83b332f395533955e1cad9d64b627c7fff01981aff60

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=securityweek&t_i=16121%20https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_u=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F&t_e=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_d=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group&t_t=North%20Korean%20Attacks%20on%20Banks%20Attributed%20to%20%E2%80%98APT38%E2%80%99%20Group
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 12:37:33 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 2040
X-Frame-Options: SAMEORIGIN
Vary: Origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 7206
X-XSS-Protection: 1; mode=block

GET
H2 200 get
c.disquscdn.com/ Frame F478 20 KB
20 KB 22ms
22ms Image
image/jpeg 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.securityweek.com%2Fwp-content%2Fuploads%2F2023%2F06%2FWater-System-Cybersecurity.jpg&key=dATrztnH9YGIdH6-12QNYQ&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

98cd298d229934c00442aa9316f69ba3fb5743500c8c1e59bd4d33862377d39a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 08 Jul 2023 14:50:22 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 250993
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 20004
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQ3tRaN03dweCD0bXu5KNCSuEo3WvtMmQYO%2F4H%2BY1YilmCzz0vhkA2Wgi5UzwO2kKLuBURpILtzNLwtzFms6fca%2Bc1FCc%2BRsGOuekiUx2tqChVDwopr%2B9dDq6pxd5wyG1A3FGBmaQdAqllyNvhVpnIoa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: V2VsTyo6-YnrG5Wpdm2AKwfHuNFnkeLY9PS9p9iffqe9aBHRQlkSRA==
expires: Mon, 07 Aug 2023 14:50:22 GMT

GET
H2 200 get
c.disquscdn.com/ Frame F478 11 KB
12 KB 26ms
26ms Image
image/jpeg 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.securityweek.com%2Fwp-content%2Fuploads%2F2023%2F01%2FCybersecurity_News-SecurityWeek.jpg&key=OHuLlFkvz6yG7koQwAk7gA&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

31a70ac053fb9095fecfab31d7fed0ee075826150483ba25283082f960f5c8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 30 Jun 2023 09:24:34 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 11775892
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 11377
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C37%2BuPzHjRwvp2pbLLOTmiuVwrxHbG%2BXRlo6riQXH8LDL4SevjSjFatFbbEXB7ulpU9Op0%2Fe4YUVUMMU8%2FPmMCRB2Jvk3CuWyvyMC2Hj6C%2BRDKeWMPBmky42FadqLy6H2qx3jNnM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: P_HcRsTm-8tT62XNpBZn-I_65wJMb2fMGGWbK9GiIH5_18PF1Qa0Yw==
expires: Sun, 30 Jul 2023 09:24:34 GMT

GET
H2 200 get
c.disquscdn.com/ Frame F478 8 KB
9 KB 23ms
23ms Image
image/jpeg 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.securityweek.com%2Fwp-content%2Fuploads%2F2023%2F06%2Ffile-transfer-Moveit.jpg&key=W5KTYGZG9MLAXsfr-zBDGg&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a33537492bdd813d30f883cd45e97796e0e6961de3d9efc3c360f5f9521166a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 20 Jun 2023 10:21:31 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 1814687
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 8469
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpNUziGckXw3%2FqvKxt2x4J%2FXABp8fYYQRRwG7dP9Y0xDPveauw%2FkGpa%2Fp7RMjHxUkq554JzhVnHJd4PFWh9a%2Bolkv52N%2B4wCFWgwe40MyCfLLTpLreI3H2QeQwcYIaQIrMa6r6OY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: fieq_3D0JFabvjCr6VvtrcPYznWpLrIOkxsAkVnKmgN7QC1r-_ETrQ==
expires: Thu, 20 Jul 2023 10:21:31 GMT

GET
H2 200 get
c.disquscdn.com/ Frame F478 44 KB
45 KB 24ms
23ms Image
image/png 2600:9000:223d:da00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.securityweek.com%2Fwp-content%2Fuploads%2F2023%2F07%2FPiiGAB-vulnerability.png&key=ckh4XRmS40dOE0fi3OHe1w&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:da00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

96c76ed16bb2bdcee02b58e818144d0b22f2d93c39e61f26f5fc85aacd1f83f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 08 Jul 2023 13:04:25 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 256868
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 45025
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EAYwf45l2sw73BMSZFThzDWirt59Dc536XcZOBcuC8GW7irpoKhbourWLVJYiOrYL1vnyb1LAj%2FBzRvjQilHu56uCOTzHoy2l7Zk9WK9YDTJQMvk7uv%2FI3u4ZQtVPSiXBvr46%2FB2UCWzqi4bzbWls%2B0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: QOXiHG96yLX3dOsnOL8oWfehSanGVf1f4q7Zq7NWHkCj_VDjDft6Wg==
expires: Mon, 07 Aug 2023 13:04:25 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F478 15 KB
16 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 112684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2024 05:19:29 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F478 16 KB
16 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 149950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 18:58:23 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F478 15 KB
15 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 310886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 22:16:07 GMT

GET
H3 204 /
www.securityweek.com/wp-json/pum/v1/analytics/ 0
652 B 651ms
651ms Image
image/gif 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.securityweek.com/wp-json/pum/v1/analytics/?event=open&pid=33999&_cache=1688992653903

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/north-korean-attacks-banks-attributed-apt38-group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:37:34 GMT
x-cache-group: normal
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: SHORT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: WP Engine
x-cache: MISS
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding,Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZnFaOwH%2BeWeTSDkXY0qZTB00BXQcq6VH3PeKKNUUaKf2p2DSE1wCltju%2FgFUQ1HYJZsPkMIBCs6ldpGXPADcRoJgzUQCaLXX8ESL74j5hBoD7OaDHyKdbe0MpktIl6Bw16LsG4OGTOuOYvGBFWTYClr"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=600, must-revalidate
x-robots-tag: noindex
link: <https://www.securityweek.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 7e48dbd6f98635e5-FRA

GET
H2 200 ;MID=179018;type=v959fb862;placementID=2114926;setID=479628;channelID=0;CID=773887;BID=521099255;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-a... Show response
ads.securityweek.com/adserve/ 0
341 B 39ms
38ms XHR
text/html 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.securityweek.com/adserve/;MID=179018;type=v959fb862;placementID=2114926;setID=479628;channelID=0;CID=773887;BID=521099255;TAID=0;place=0;referrer=https%3A%2F%2Fwww.securityweek.com%2Fnorth-korean-attacks-banks-attributed-apt38-group%2F;mt=1688992651597051;hc=ea1d8de7a473f75c85abf7f5b4b3d55168a08421

Requested by

Host: ads.securityweek.com
URL: https://ads.securityweek.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.159.97.6 Sigmaringen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.securityweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 12:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

400 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.securityweek.com/	1970-01-20 13:09:54	Name: _ju_v Value: 4.1_5.72
.securityweek.com/	1970-01-20 13:11:19	Name: _ju_dm Value: cookie
.securityweek.com/	1970-01-20 13:53:04	Name: _ju_dn Value: 1
.securityweek.com/	1970-01-20 22:45:52	Name: _ga_M1YM36C8RW Value: GS1.1.1688992651.1.0.1688992651.0.0.0
.securityweek.com/	1970-01-20 22:45:52	Name: _ga Value: GA1.1.162994869.1688992651
.securityweek.com/	1970-01-20 22:45:52	Name: _ga_9QV8NZWNBC Value: GS1.1.1688992651.1.0.1688992651.0.0.0
.doubleclick.net/	1970-01-20 13:09:53	Name: test_cookie Value: CheckForPermission
.securityweek.com/	1970-01-20 22:31:28	Name: __gads Value: ID=75086ad2ab4ead05:T=1688992651:RT=1688992651:S=ALNI_MY4BcEEPAOwnYBy4JoH6kmpW7_BhA
.securityweek.com/	1970-01-20 22:31:28	Name: __gpi Value: UID=00000c3b7a8651a3:T=1688992651:RT=1688992651:S=ALNI_MYd1UOkqzQO4KYClU47GcFTTYMagQ
.hubspot.com/	1970-01-20 13:09:54	Name: __cf_bm Value: xZ2BHYcwGBfFhOlglGDA.Jb4vu.jkyh46.N4nOEqK3U-1688992651-0-AeR51htj9qZmH9CmEzO5hYrr01S5gCBthrLnZ77OcUaRds0oIQMqCXEvbnl2Wv/rZumCpe9ln/6/AgMWxn5cKOA=
aly.justuno.com/	1970-01-20 13:09:54	Name: __cflb Value: 0H28w1Xe92a6MDGAYhYGUbMVfnMfYFDdBQpUpxa2JuB
.securityweek.com/	1970-01-20 21:55:28	Name: _ju_dc Value: 8a5eb316-1f1e-11ee-abe8-f3235d5b971e
.securityweek.com/	1970-01-20 13:09:54	Name: _ju_pn Value: 1
disqus.com/	1970-01-20 13:09:54	Name: __jid Value: 8ai97p62mmo8g5
.disqus.com/	1970-01-20 21:55:28	Name: disqus_unique Value: 8ai97r937nj7nq

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9f680d97fa27aa6285466d0d84937ff2.safeframe.googlesyndication.com
ads.securityweek.com
adservice.google.com
ajax.googleapis.com
aly.justuno.com
c.disquscdn.com
cdn.justuno.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
my.justuno.com
pagead2.googlesyndication.com
referrer.disqus.com
region1.google-analytics.com
securepubads.g.doubleclick.net
securityweek.disqus.com
static.cloudflareinsights.com
tpc.googlesyndication.com
track.hubspot.com
use.fontawesome.com
www.google.com
www.googletagmanager.com
www.securityweek.com
151.101.192.134
199.232.192.134
199.232.196.134
2001:4860:4802:34::36
2600:9000:223d:da00:6:8656:f5c0:93a1
2606:4700:20::ac43:61a9
2606:4700::6810:3965
2606:4700::6810:8ace
2606:4700::6811:6cc7
2606:4700::6811:cb35
2606:4700::6811:d5f3
2606:4700::6812:19c4
2606:4700::6812:853b
2606:4700::6813:9b53
2606:4700:e2::ac40:850f
2a00:1450:4001:800::2008
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2003
78.159.97.6
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
03162119b88f02a4d3e49eaabb688d4a2deea589bee997f84613fabf7f79bcd1
040d078097e2a488708bd4b4b705a6ce26e7bb61dfb16cc294301083f3cb6e2a
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0
0803977e647dbdb41c98b4318386f697591604f184a59fcafec52ffba1f6bdef
0978438d354ec5e681207be25f53c69b24700125938105927de69dc0e55bcd48
09fdc021cb9b691ac0481ed0960f7d9e24e04d18ac8143fbcbe0b23c717188fd
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
15f8c4e92ee10d8a0de4cf218c6539722d0f721147cb1526972120af64163005
189f20ed03b45185e18abcd31209e01ba74145516ac1ced38e9c924bf8d08e91
18a433a2bd904be76b68dd34f7f93e4bf6870f8cd0077648eee4c527220f44cb
1f64e05d315830f4098f8cf31c24c5e26397384d785bda84b0115ed6073c50b6
22bb1253ebf8405c69bdf9d628ab472e02e1f6a06d3eb07bd171494f6c3b6aea
24ca94366d2777c45544e38e8592d63ee8fcc89b406bc3fe717a514512508a85
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2793a7736c4421efb5ec1f639c9b19a081a6b7a91097d4459149fab67c47b9ae
2d7fe1edfe0835429f5f50fa1b03e99bbc8a49041cab3e8e2066381986a253e9
31a70ac053fb9095fecfab31d7fed0ee075826150483ba25283082f960f5c8ca
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
351a451c4a824da8e050c610f4092fe424479e3091620af618fd15f91455fe6c
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
35fa213f71b954999771aef54be9c8a4c7d793353ea3f575cb116d00dd58f2b9
36380ba65c78f1e8a6ee7fd115d7053e7e0ba33f4a5fa1c79d05042fc5db85b0
37f724a365094e5859ef50dba7afe3764412c6cc9931a8abd7d9dc85751fd881
39bef9411ccd5dee3e0f83b332f395533955e1cad9d64b627c7fff01981aff60
41514feeb38f4f3d0fcc41d00d04c744e0e534930b030ca6efc0eedb892022ea
42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f
42f8505b4b6d5476091672c8ebc27d1ed2b9d21a68890145135578a6737ef053
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4cc53e4cc0a4fc6d0b65f041d8a291c6ebe22d81700788dd2a15d76c4dafb847
4cd14927179cd88891fae3057a4ce4a7cf499af73f65c3b2e83f32e1598c0288
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
52d0ac131db1f449986c81449f2cc3a2bdd6373bc0f107915c5bcc4bb5ff7cef
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
558cc235d4a597a8ec28daee4279486fdd17bc7431b2e15e4634fec0117860c4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5908fcde877391edcd33adfdcdf55890d793c2b025c75becdaa45220f86588ca
594a9ae0946c65c5b0d44f36c80bd30e19748d90cc50129910d69642cb80825e
5a43616353f66acf8abddfed211efd923f62fc55f5a75c6c192513799e2751d2
5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27
5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0
5e6e72a7fdd0fac29c07c4a45ab199a77ede8cfb80e3057a94a0e8c53e316fb8
5f50b7e2dd83cfd38b606d2eb70bcb99dd4d4c462295db0baecaeabe7812e8f7
5fca95b24818f6d49927151bece29ed04d9137b3ddde4fcdeae182ca0288c60c
60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643e504c5417068283c7ba2a2e348b0f6c12da9e7b328470424453466d69efa1
6631e2597f0a7c814db686a76a0f8e2aedc605f3d72f26fdcfc94cc93a4d40b3
67e380395b14a5ac48faabd1838b4e6fd75b01682364f987dc8948975838837c
6a51a6d6bd79870b6abd5772686659f2b8ecd22cdb0a6ceda0e87295ac284414
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
706e4d8669d29a9e13cfb13a59b6c1341ec80a08c9c10eaa465756366006f327
71a9929c39f7b0020a343a7cd3685ae547fba1f21596f7982ed2c1ded802be03
794a3f88df27cdece064dcaa4ce73387648f766d52210b1b20cf2f50e974b8ff
7d5bf3f8dc9d9dcd608393de3bd8afbeedd5077039b595aaba4529064dbcbe89
7d8fb4417a8880d05930065c79ad4f70bfaae7c9279dae41c16e5b148793fe82
7d9b7ee9ae860b2f27e08578dacc166269ab838417994fb62c568ff40245b5a3
7e423a106197def7cbfe1ae2142caf48a39478ddfd3e4e81b7cb033db5bea3c1
7f8e953d987dfbcdea58a375ca3bf77c141cbeb6d831a62575f2d630782c61ce
809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6
84a0cc2980f8f000ab8190daf3e806d0d8882c22df0f51b69debf18273b6f97d
8ba408a4d3b64cb9dbc33e42c3123e4be5d34297a2320933eac392a9e102825c
8c09f40aa9ac3105f86ea363d58ad2a81f5d5741b810786a1a6291e7dd9d43ad
8e59456a560f58d0b6b7934bfc06e0b2faee5d61e2bdb10eef541dd66bfebe0d
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8fe36fa908b34f9ade012f62e4abfc6c563b2cc66aa8201b5aabd78b5663b747
91bbc128851e65442a70a7e12e55068d75d7e9b0514c5c9cb7c15fe770cf8899
937db94bc968ec667e89791a4743d92d073e9b640fc6db46122a829332347189
96c76ed16bb2bdcee02b58e818144d0b22f2d93c39e61f26f5fc85aacd1f83f2
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
989934f975edb65dc96fce979cc86bf8d5a9453e6113df99622609381ce175d5
98cd298d229934c00442aa9316f69ba3fb5743500c8c1e59bd4d33862377d39a
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
9d7c24cb3877d3352b2f3f29ad6e2aee0418556546acaf0dd5c9bcda16f55e0c
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a018ab767f279fb68391322c42eacc40517f6a8daa29fedeb4e6b44848917a92
a33537492bdd813d30f883cd45e97796e0e6961de3d9efc3c360f5f9521166a4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bddb9535f5e3fe9e500616b2f1e4b10e1a5930a197848966a7c316838570a0
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a7c860a1505343bc4dc80a473bfe23f625da447d71af4db67b529065295d5171
a83f279ffab2866365df78e9244339e46d7752b13e43db75ca5200f9a0ec07e3
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ad59b3c437a380375b4205e22d9bf50856690b094d2fa425ae90971f5b58758e
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b511690cdc08f45b653de11f88450e329843818d85f3b2ef9f0e4062fd2ced8c
b6517ef34881c399f4ead04233ff1c198954537e96068e03e5afdde5b9b39f24
b7c91227ed1cf1d83d32996e4e61a4f77dbdbbc9920a3a29f5ab522d237c74b7
b8dbf228fd3b96810997d6d3e8b9e55e4b183cf9e3c8abe9407fcf1ad58a6979
bbf94e5438333ae008e9b742cf1dd74dd310f7385ebe6f9ef4fdc82976de34a6
bf8b01a15285873abfae001dc9804d07312ad4cbb565784ec31dd82c71d1f94c
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c47493311effe3020f3e9d2d1efc214fbd84861a1b7410ce17dc9d24273b6911
c54ab568b73e88af409e7615e9c6730d701234ebe9d64b131a08fccb0bef3deb
c6a6ecd56ebd86c4bf8099f38d4acebb360dce6b8ed3b8beebf34e9845510033
c901e4c09c6bc073c66983e5740b7769d3ff9f40c8018caafe08ddd625fc41df
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cb6d935c5494a7d6121e463f319ac4882f805d38989d6dac70ec84a29a203d2e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf01342c724e6c0d84e911d3451b078576a3208c7300378ef80138089e6d79e9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffd41a354fcf84a2694e117f70a949a920d0de2313f603a5dbaecd7b8cf5d6f
d076633408bf78e086b9125a46176d2fdeaf3a5d5b52bb9b3a9d562cea646006
d0b1517dc148ec4fdcceacae881103ffa7e54e74c32c7dcde5cdc9826ea735de
d23fd6a13b657ba55789f4a8b098f72d86e253917a83af15a2e4e6ed23a9e5c9
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
da343c70bf28bee6a1a9238dd5147b190b675a523e525e9a52b2bd9aaf48e4e1
dbf7c9bddb9ee180560fa0a36e9d0713aeb6357dd8f79ee9ab31bb9246655136
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd6ecb2de64d9421f1cb5aeb28b25f287199206649273449573bc73a20b413f2
df70b40750b32dd5f0644635c1922bb61b37f5013881c0386ccd0b742a643636
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2f925db6119917230e885b016055a6a324d33b10585d5c7f106665ec157754e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e4cc94b363c56c58b41c39282ca5728110a71e97c1eb51d03a8b6c98536d5727
e504e9f649813734dd00f332c49ad8a7b96929b4ee751f8b69c87599c98d23dc
e592c6b2e3819e7031fe3de8cc419d76860debb304aacc26c5c8f44c23c7f990
e71d11284fe33d09fe11d031d1517b0383750bc5dba2faf77e87f42a609a1b68
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b
ec7456ce96879ccb2d875f9a7d337b8ee958fee1f5c6e21660712b5c14b1c8c2
ec99dd07af5b4a5e3b072e941d355bdbfa1db688555cd4100ab61caa2b0bc25d
ecbc91caef45d6527347392a7e67754c5e7e3cf8c99395bf0d387fb1fe4dc8c0
ee5d15d9b1f5bfa5869678f288b9e829239f719ec5cb4ff8345979eb9001870c
f1ad56a192cfb796852af711e1326b02a9af338326a60fe291ca65fe8763ddda
f2914edb33157588c8d440c36f1ea06652c133febd1719a344d79d078ec6c41a
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f54b61a120e0240c98428d76beab031099f4f0379cbc623de071277255088fdc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5d7f5b78fee27753067d462ffc86f7d17d33d67f54354e86469067ba93d3903
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
f7b4f4c6aced0be2cc9004285b53f58cf62f74012a321e86938f12719fe1113a
f7cea32499cc55e5232ec287c438644afef28297f4248958ee32906dd34ae5f8
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
fa433b899311f6fcb718687df51be730a5a7a3c6ce4dc2474ff26a383307b2ca
fb0ad3d12da61ddc15d083c3d817537463de467626e2e2a528022a7891b481f7
fb4bd4419d686ab440d7ceb2101dcd4155b4f18a12c99052a44fb503c349afed
fbac39d3d3370e9ea0816fd757737e3d0ea6d4c30a4dbc61df4b89f38a64dee5

www.securityweek.com Open in urlscan Pro 2606:4700:20::ac43:61a9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

100 %HTTPS

85 %IPv6

19 Domains

29 Subdomains

26 IPs

2 Countries

2979 kBTransfer

6655 kBSize

15 Cookies

23 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.securityweek.com Open in urlscan Pro
2606:4700:20::ac43:61a9 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

100 %
HTTPS

85 %
IPv6

19
Domains

29
Subdomains

26
IPs

2
Countries

2979 kB
Transfer

6655 kB
Size

15
Cookies

176 HTTP transactions
0 data transactions