symantec-enterprise-blogs.security.com
2606:4700:10::6816:31d7
Public Scan
Effective URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/fastcash-lazarus-atm-malware
Submission: On September 30 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2022. Valid for: a year.
This is the only time symantec-enterprise-blogs.security.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2606:4700::6812:59e | 13335 (CLOUDFLARENET) |
28 | 2606:4700:10::6816:31d7 | 13335 (CLOUDFLARENET) |
7 | 2606:4700::6810:9440 | 13335 (CLOUDFLARENET) |
1 | 151.101.129.181 | 54113 (FASTLY) |
1 | 2606:4700:440e::6812:2fe6 | 13335 (CLOUDFLARENET) |
2 | 2a00:1450:4001:808::2008 | 15169 (GOOGLE) |
1 | 13.224.189.114 | 16509 (AMAZON-02) |
1 | 2606:4700:4400::6812:2962 | 13335 (CLOUDFLARENET) |
2 | 2606:4700::6813:9408 | 13335 (CLOUDFLARENET) |
47 | 9 |
ASN13335 (CLOUDFLARENET, US)
symantec-enterprise-blogs.security.com |
ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-114.fra2.r.cloudfront.net
js.driftt.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
28 | security.com | symantec-enterprise-blogs.security.com | 506 KB |
7 | cookielaw.org | cdn.cookielaw.org — Cisco Umbrella Rank: 419 | 123 KB |
2 | crazyegg.com | script.crazyegg.com — Cisco Umbrella Rank: 1735 | 3 KB |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 64 | 144 KB |
1 | onetrust.com | geolocation.onetrust.com — Cisco Umbrella Rank: 681 | 393 B |
1 | driftt.com | js.driftt.com — Cisco Umbrella Rank: 5169 | 61 KB |
1 | cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 1029 | 5 KB |
1 | vidyard.com | play.vidyard.com — Cisco Umbrella Rank: 9597 | 49 KB |
1 | symantec.com (1 redirects) | www.symantec.com — Cisco Umbrella Rank: 71070 | 645 B |
0 | Failed | Failed | |
47 | 10 |
Requests | Domain | Requested by |
---|---|---|
28 | symantec-enterprise-blogs.security.com | symantec-enterprise-blogs.security.com, static.cloudflareinsights.com |
7 | cdn.cookielaw.org | symantec-enterprise-blogs.security.com, cdn.cookielaw.org |
2 | script.crazyegg.com | symantec-enterprise-blogs.security.com, script.crazyegg.com |
2 | www.googletagmanager.com | symantec-enterprise-blogs.security.com, www.googletagmanager.com |
1 | geolocation.onetrust.com | cdn.cookielaw.org |
1 | js.driftt.com | symantec-enterprise-blogs.security.com |
1 | static.cloudflareinsights.com | symantec-enterprise-blogs.security.com |
1 | play.vidyard.com | symantec-enterprise-blogs.security.com |
1 | www.symantec.com (1 redirects) | |
0 | truncated (Failed) | symantec-enterprise-blogs.security.com |
47 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.broadcom.com |
twitter.com |
www.linkedin.com |
www.us-cert.gov |
www.symantec.com |
www.fbi.gov |
software.broadcom.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-09 - 2023-06-09 | a year |
cookielaw.org | Cloudflare Inc ECC CA-3 | 2022-05-01 - 2023-05-01 | a year |
*.vidyard.com | GlobalSign Atlas R3 DV TLS CA 2022 Q3 | 2022-09-27 - 2023-10-29 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
drift.com | Amazon | 2022-08-24 - 2023-09-21 | a year |
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-01-12 - 2023-01-12 | a year |
This page contains 1 frames:
Primary Page:
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/fastcash-lazarus-atm-malware
Frame ID: D2CC0615019DABEDD8278E4028151988
Requests: 44 HTTP requests in this frame
Page Title
FASTCash: How the Lazarus Group is Emptying Millions from ATMs | Broadcom Software Blogs
Page URL History
- https://www.symantec.com/blogs/threat-intelligence/fastcash-lazarus-atm-malware HTTP 301
- https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/fastcash-lazarus-atm-malware Page URL
Detected technologies
Cloudflare Browser Insights (Analytics)
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Crazy Egg (Analytics)
Detected patterns
- script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Google Analytics (Analytics)
Detected patterns
Google Tag Manager (Tag Managers)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
OneTrust (Cookie compliance)
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Title: Broadcom Home
Title: twitter
Title: linkedin
Title: an alert was issued by US-CERT, the Department of Homeland Security, the Department of the Treasury, and the FBI
Title: US$81 million theft from the Bangladesh Central Bank
Title: WannaCry ransomware
Title: Trojan.Fastcash
Title: the 2014 attack on Sony Pictures
Title: CVE-2017-0144
Title: CVE-2017-0145
Title: twitter
Title: Privacy Policy
Title: Cookie Policy
Title: Data Processing and Data Transfers
Title: Supplier Responsibility
Title: Terms of Use
Title: Sitemap
Redirected requests
There were HTTP redirect chains for the following requests:
47 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | fastcash-lazarus-atm-malware (Primary Request) | symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ (Redirect Chain) | 50 KB | 12 KB | Document | text/html |
GET | H2 | OtAutoBlock.js | cdn.cookielaw.org/consent/301196e0-93ad-473e-a572-975514574496/ | 8 KB | 3 KB | Script | application/x-javascript |
GET | H2 | otSDKStub.js | cdn.cookielaw.org/scripttemplates/ | 21 KB | 8 KB | Script | application/javascript |
GET | H2 | v4.umd.js | play.vidyard.com/embed/ | 189 KB | 49 KB | Script | application/javascript |
GET | H2 | styles.c670739dc9fc3158.css | symantec-enterprise-blogs.security.com/blogs/ | 206 KB | 26 KB | Stylesheet | text/css |
GET | H2 | logo.svg | symantec-enterprise-blogs.security.com/blogs/assets/ | 6 KB | 2 KB | Image | image/svg+xml |
GET | H2 | GettyImages-490662149.jpg.webp | symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_wide/public/2018-11/ | 41 KB | 41 KB | Image | image/webp |
GET | H2 | author-profile-default.jpg.webp | symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_author_avatar_small/public/2017-10/ | 2 KB | 3 KB | Image | image/webp |
GET | H2 | FASTCash%20Infographic.png.webp | symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_inline_medium/public/2018-11/ | 43 KB | 44 KB | Image | image/webp |
GET | H2 | author-profile-default.jpg.webp | symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_author_bio_large/public/2017-10/ | 12 KB | 12 KB | Image | image/webp |
GET | H2 | Hero-970293696.jpg.webp | symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_related_large/public/2022-09/ | 16 KB | 16 KB | Image | image/webp |
GET | H2 | Hero%20Image.jpg.webp | symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_related_large/public/2022-09/ | 7 KB | 7 KB | Image | image/webp |
GET | H2 | Hero-1302370712.jpg.webp | symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_related_large/public/2022-09/ | 6 KB | 7 KB | Image | image/webp |
GET | H2 | Hero-1340004005.jpg.webp | symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_related_large/public/2022-09/ | 15 KB | 15 KB | Image | image/webp |
GET | H2 | logo--white.svg | symantec-enterprise-blogs.security.com/blogs/assets/ | 6 KB | 2 KB | Image | image/svg+xml |
GET | H2 | runtime.f10c96d81f192a0d.js | symantec-enterprise-blogs.security.com/blogs/ | 3 KB | 2 KB | Script | application/javascript |
GET | H2 | polyfills.c12a23cb6bcac72a.js | symantec-enterprise-blogs.security.com/blogs/ | 33 KB | 12 KB | Script | application/javascript |
GET | H2 | main.cca082ca6e995b45.js | symantec-enterprise-blogs.security.com/blogs/ | 625 KB | 177 KB | Script | application/javascript |
GET | H2 | v652eace1692a40cfa3763df669d7439c1639079717194 | static.cloudflareinsights.com/beacon.min.js/ | 14 KB | 5 KB | Script | text/javascript |
GET | H2 | 301196e0-93ad-473e-a572-975514574496.json | cdn.cookielaw.org/consent/301196e0-93ad-473e-a572-975514574496/ | 4 KB | 2 KB | XHR | application/x-javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 260 KB | 77 KB | Script | application/javascript |
GET | H2 | search.svg | symantec-enterprise-blogs.security.com/blogs/assets/icomoon/ | 407 B | 348 B | Other | image/svg+xml |
GET | H2 | home.svg | symantec-enterprise-blogs.security.com/blogs/assets/icomoon/ | 688 B | 458 B | Other | image/svg+xml |
GET | H2 | globe-americas.svg | symantec-enterprise-blogs.security.com/blogs/assets/icomoon/ | 6 KB | 2 KB | Other | image/svg+xml |
GET | H2 | envelope.svg | symantec-enterprise-blogs.security.com/blogs/assets/icomoon/ | 673 B | 470 B | Other | image/svg+xml |
GET | H2 | twitter.svg | symantec-enterprise-blogs.security.com/blogs/assets/icomoon/ | 801 B | 514 B | Other | image/svg+xml |
GET | H2 | linkedin.svg | symantec-enterprise-blogs.security.com/blogs/assets/icomoon/ | 667 B | 452 B | Other | image/svg+xml |
GET | H2 | share-alt.svg | symantec-enterprise-blogs.security.com/blogs/assets/icomoon/ | 550 B | 376 B | Other | image/svg+xml |
GET | H2 | compass.svg | symantec-enterprise-blogs.security.com/blogs/assets/icomoon/ | 313 B | 295 B | Other | image/svg+xml |
GET | H2 | check.svg | symantec-enterprise-blogs.security.com/blogs/assets/icomoon/ | 502 B | 331 B | Other | image/svg+xml |
GET | H2 | kznvvwk7m85s.js | js.driftt.com/include/1664568300000/ | 214 KB | 61 KB | Script | application/javascript |
GET | H2 | Gotham-Book_Web.c0be4f688bed0ce5.woff2 | symantec-enterprise-blogs.security.com/blogs/ | 41 KB | 42 KB | Font | font/woff2 |
GET | H2 | Gotham-Medium_Web.b1fabe02e79b995a.woff2 | symantec-enterprise-blogs.security.com/blogs/ | 41 KB | 41 KB | Font | font/woff2 |
GET | H2 | Gotham-Bold_Web.4ba9de78728ce5f9.woff2 | symantec-enterprise-blogs.security.com/blogs/ | 38 KB | 38 KB | Font | font/woff2 |
GET | H2 | location | geolocation.onetrust.com/cookieconsentpub/v1/geo/ | 182 B | 393 B | XHR | application/json |
GET | H2 | otBannerSdk.js | cdn.cookielaw.org/scripttemplates/6.39.0/ | 372 KB | 89 KB | Script | application/javascript |
GET | H2 | en.json | cdn.cookielaw.org/consent/301196e0-93ad-473e-a572-975514574496/a8f0ba8f-9627-4385-b7af-d3d443ea5fb9/ | 56 KB | 14 KB | Fetch | application/x-javascript |
GET | H2 | otFlat.json | cdn.cookielaw.org/scripttemplates/6.39.0/assets/ | 13 KB | 3 KB | Fetch | application/json |
GET | H2 | otCommonStyles.css | cdn.cookielaw.org/scripttemplates/6.39.0/assets/ | 22 KB | 5 KB | Fetch | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 184 KB | 67 KB | Script | application/javascript |
GET | H2 | 2903.js | script.crazyegg.com/pages/scripts/0020/ | 6 KB | 2 KB | Script | text/javascript |
GET | | truncated | / | 0 | 0 | | |
GET | H2 | symantec-enterprise-blogs.security.com.json | script.crazyegg.com/pages/data-scripts/0020/2903/site/ | 232 B | 478 B | XHR | application/json |
POST | H2 | rum | symantec-enterprise-blogs.security.com/cdn-cgi/ | 0 | 215 B | XHR | text/plain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- truncated
- URL
- data:truncated
54 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| OneTrustStub function| OptanonWrapper object| dataLayer function| drift undefined| driftt function| setImmediate function| clearImmediate object| VidyardV4 object| Vidyard object| vidyardEmbed object| webpackChunksym_blogs_ui object| __cfBeacon string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady number| attempts function| wait_for_onetrust object| gaGlobal boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL undefined| CE_USER_COMMON_SCRIPT_URL undefined| CE_USER_THIRDPARTY_SCRIPT_URL object| 3eiXJRXgVuLsYGH9303q object| regeneratorRuntime object| _driftFrames object| __post_robot_10_0_16__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| drift_page_view_started number| drift_session_started string| drift_session_id
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.security.com/ | | Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Sep+30+2022+20%3A01%3A41+GMT%2B0000+(GMT)&version=6.39.0&isIABGlobal=false&hosts=&consentId=a01e643d-0ac6-49ed-9d80-36f9c6936a03&interactionCount=0&landingPath=https%3A%2F%2Fsymantec-enterprise-blogs.security.com%2Fblogs%2Fthreat-intelligence%2Ffastcash-lazarus-atm-malware&groups=1%3A1%2C3%3A1%2C2%3A0%2C4%3A0 |
.security.com/ | | Name: _ga_7F7J5PJRQ5 Value: GS1.1.1664568101.1.0.1664568101.0.0.0 |
.security.com/ | | Name: _ga Value: GA1.1.511946781.1664568101 |
symantec-enterprise-blogs.security.com/ | | Name: drift_campaign_refresh Value: 55d943f4-ca28-4bd5-b62b-734f3e04ee81 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';script-src-attr 'none' |
Strict-Transport-Security | max-age=15552000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.