URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Submission: On October 13 via manual from SE — Scanned from SE

Summary

This website contacted 97 IPs in 11 countries across 84 domains to perform 358 HTTP transactions. The main IP is 172.67.69.48, located in United States and belongs to CLOUDFLARENET, US. The main domain is decrypt.co. The Cisco Umbrella rank of the primary domain is 200267.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 10th 2023. Valid for: a year.
This is the only time decrypt.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
127 172.67.69.48 13335 (CLOUDFLAR...)
2 143.204.98.17 16509 (AMAZON-02)
1 95.101.54.129 20940 (AKAMAI-ASN1)
3 34.111.134.78 396982 (GOOGLE-CL...)
4 142.250.186.104 15169 (GOOGLE)
1 13.32.99.52 16509 (AMAZON-02)
2 95.101.54.200 20940 (AKAMAI-ASN1)
1 18.66.112.27 16509 (AMAZON-02)
2 104.26.8.216 13335 (CLOUDFLAR...)
3 52.222.208.154 16509 (AMAZON-02)
2 142.250.185.98 15169 (GOOGLE)
1 104.18.43.90 13335 (CLOUDFLAR...)
4 35.201.81.77 396982 (GOOGLE-CL...)
3 104.26.3.128 13335 (CLOUDFLAR...)
13 172.217.16.206 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
23 104.26.4.122 13335 (CLOUDFLAR...)
4 104.18.214.59 13335 (CLOUDFLAR...)
1 142.250.184.206 15169 (GOOGLE)
1 104.26.7.139 13335 (CLOUDFLAR...)
1 18.66.97.119 16509 (AMAZON-02)
1 146.75.116.157 54113 (FASTLY)
1 54.218.80.76 16509 (AMAZON-02)
1 99.86.4.39 16509 (AMAZON-02)
1 108.138.9.235 16509 (AMAZON-02)
1 143.198.240.112 14061 (DIGITALOC...)
2 5 185.89.210.46 29990 (ASN-APPNEX)
1 145.40.97.67 54825 (PACKET)
1 3.123.81.250 16509 (AMAZON-02)
1 104.18.27.193 13335 (CLOUDFLAR...)
1 63.215.202.146 41041 (VCLK-EU-SE)
1 178.250.7.10 44788 (ASN-CRITE...)
1 213.19.162.45 3356 (LEVEL3)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 216.52.2.91 30282 (AS-INAPCD...)
2 34.98.64.218 396982 (GOOGLE-CL...)
2 3.126.57.93 16509 (AMAZON-02)
3 130.211.23.194 15169 (GOOGLE)
2 172.67.69.19 13335 (CLOUDFLAR...)
1 172.217.18.6 15169 (GOOGLE)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
2 216.239.34.36 15169 (GOOGLE)
3 66.102.1.154 15169 (GOOGLE)
4 142.250.184.195 15169 (GOOGLE)
1 18.185.166.17 16509 (AMAZON-02)
1 13.35.255.75 16509 (AMAZON-02)
3 142.250.186.110 15169 (GOOGLE)
3 142.250.186.100 15169 (GOOGLE)
1 157.240.251.35 32934 (FACEBOOK)
1 35.172.160.55 14618 (AMAZON-AES)
2 178.250.7.2 44788 (ASN-CRITE...)
10 104.18.27.46 13335 (CLOUDFLAR...)
5 172.67.75.56 13335 (CLOUDFLAR...)
1 104.16.57.101 13335 (CLOUDFLAR...)
1 172.217.18.10 15169 (GOOGLE)
1 142.250.184.193 15169 (GOOGLE)
3 142.250.185.99 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
1 216.239.36.54 15169 (GOOGLE)
5 104.26.4.69 13335 (CLOUDFLAR...)
1 151.101.194.137 54113 (FASTLY)
2 192.229.233.25 15133 (EDGECAST)
1 104.18.28.245 13335 (CLOUDFLAR...)
1 162.247.243.29 54113 (FASTLY)
1 104.244.42.200 13414 (TWITTER)
1 44.232.33.101 16509 (AMAZON-02)
25 108.138.7.119 16509 (AMAZON-02)
2 18.66.122.44 16509 (AMAZON-02)
1 142.250.185.226 15169 (GOOGLE)
2 35.71.131.137 16509 (AMAZON-02)
1 76.223.111.18 16509 (AMAZON-02)
2 95.101.149.233 16625 (AKAMAI-AS)
1 2.19.104.211 16625 (AKAMAI-AS)
2 2.19.105.180 16625 (AKAMAI-AS)
1 104.18.24.18 13335 (CLOUDFLAR...)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 178.250.1.9 44788 (ASN-CRITE...)
1 2 67.220.226.234 16509 (AMAZON-02)
1 1 91.228.74.159 16509 (AMAZON-02)
8 185.64.191.210 62713 (AS-PUBMATIC)
8 198.47.127.205 3257 (GTT-BACKB...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 3 18.185.230.6 16509 (AMAZON-02)
2 2 54.76.89.191 16509 (AMAZON-02)
1 1 52.45.228.151 14618 (AMAZON-AES)
1 1 50.31.142.31 23352 (SERVERCEN...)
1 2 151.101.130.49 54113 (FASTLY)
5 5 52.51.216.150 16509 (AMAZON-02)
5 5 142.250.185.162 15169 (GOOGLE)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 185.86.138.155 201081 (SMARTADSE...)
1 1 35.214.241.28 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
1 173.231.180.197 32475 (SINGLEHOP...)
2 2 213.155.156.166 1299 (TWELVE99 ...)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.161.190 16276 (OVH)
2 2 141.94.171.213 16276 (OVH)
1 2 52.31.175.73 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.202.131.94 14618 (AMAZON-AES)
3 3 37.157.4.29 198622 (ADFORM)
1 35.204.158.49 396982 (GOOGLE-CL...)
1 54.77.73.229 16509 (AMAZON-02)
1 3.75.62.37 16509 (AMAZON-02)
1 98.98.134.241 21859 (ZEN-ECN)
1 1 46.228.164.11 56396 (AMOBEE)
1 64.158.223.140 41041 (VCLK-EU-SE)
1 1 134.122.57.34 14061 (DIGITALOC...)
1 69.173.144.165 26667 (RUBICONPR...)
1 198.47.127.20 ()
358 97
Apex Domain
Subdomains
Transfer
130 decrypt.co
decrypt.co — Cisco Umbrella Rank: 200267
img.decrypt.co — Cisco Umbrella Rank: 456921
cdn.decrypt.co — Cisco Umbrella Rank: 470660
api.decrypt.co — Cisco Umbrella Rank: 578573
gateway.decrypt.co — Cisco Umbrella Rank: 540877
3 MB
26 withpaper.com
withpaper.com — Cisco Umbrella Rank: 456095
assets.withpaper.com — Cisco Umbrella Rank: 490061
1 MB
23 mmin.io
w.mmin.io — Cisco Umbrella Rank: 105842
293 KB
21 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
ads.pubmatic.com — Cisco Umbrella Rank: 588
image6.pubmatic.com — Cisco Umbrella Rank: 967
image2.pubmatic.com — Cisco Umbrella Rank: 1116
simage2.pubmatic.com — Cisco Umbrella Rank: 959
simage4.pubmatic.com
31 KB
13 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
42 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
ad.doubleclick.net — Cisco Umbrella Rank: 173
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
166 KB
11 walletconnect.com
verify.walletconnect.com — Cisco Umbrella Rank: 62666
explorer-api.walletconnect.com — Cisco Umbrella Rank: 86286
65 KB
10 moneymade.io
assets.moneymade.io — Cisco Umbrella Rank: 259839
api.widgets-data.moneymade.io — Cisco Umbrella Rank: 230405
ev.moneymade.io — Cisco Umbrella Rank: 257057
static.moneymade.io — Cisco Umbrella Rank: 971314
64 KB
8 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474
www.google.com — Cisco Umbrella Rank: 2
103 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
69 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
acdn.adnxs.com — Cisco Umbrella Rank: 663
20 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
3 KB
5 rollbar.com
cdn.rollbar.com — Cisco Umbrella Rank: 10270
api.rollbar.com — Cisco Umbrella Rank: 13048
24 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
3 KB
4 google.se
www.google.se — Cisco Umbrella Rank: 27278
776 B
4 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 869
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
132 KB
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
13 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1081
api.btloader.com — Cisco Umbrella Rank: 1150
8 KB
4 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3981
onesignal.com — Cisco Umbrella Rank: 1303
82 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
308 KB
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3616
c1.adform.net — Cisco Umbrella Rank: 643
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
1 KB
3 gstatic.com
fonts.gstatic.com
223 KB
3 superficialspring.com
superficialspring.com — Cisco Umbrella Rank: 295552
24 KB
3 typekit.net
p.typekit.net — Cisco Umbrella Rank: 722
use.typekit.net — Cisco Umbrella Rank: 560
77 KB
3 pubgenius.io
delivery.pubgenius.io — Cisco Umbrella Rank: 199356
e.api.pubgenius.io — Cisco Umbrella Rank: 176401
123 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
551 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
498 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
625 B
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19201
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5121
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
766 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 5494
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
566 B
2 paper.xyz
pg.paper.xyz — Cisco Umbrella Rank: 654237
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
58 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1176
1 KB
2 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1193
307 B
2 openx.net
mediadojo-d.openx.net — Cisco Umbrella Rank: 227790
u.openx.net — Cisco Umbrella Rank: 739
465 B
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 895
dis.criteo.com — Cisco Umbrella Rank: 648
552 B
2 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3968
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4048
315 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
695 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
88 KB
2 spindl.link
spindl.link
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536
555 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
518 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
187 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
608 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31844
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6854
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6415
368 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
791 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
282 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2092
553 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
225 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
792 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 602
664 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 637
379 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
1 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
588 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
2 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 248
392 B
1 dispatch.co
public.dispatch.co — Cisco Umbrella Rank: 823028
454 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 456
16 KB
1 cloudfunctions.net
us-central1-benchmark-media.cloudfunctions.net — Cisco Umbrella Rank: 273866
15 KB
1 sentry.io
o409492.ingest.sentry.io — Cisco Umbrella Rank: 256357
333 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 70
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
4 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1113
7 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1445
201 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
185 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1738
15 KB
1 t.co
t.co — Cisco Umbrella Rank: 614
377 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
397 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
544 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
271 B
1 alkimi-onboarding.com
exchange.alkimi-onboarding.com — Cisco Umbrella Rank: 110582
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 792
15 KB
1 customer.io
assets.customer.io — Cisco Umbrella Rank: 16225
3 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1361
49 KB
1 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1591
448 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 720
485 B
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
358 84
Domain Requested by
111 decrypt.co decrypt.co
cdn.rollbar.com
25 assets.withpaper.com withpaper.com
23 w.mmin.io decrypt.co
w.mmin.io
13 www.google-analytics.com decrypt.co
cdn.rollbar.com
w.mmin.io
10 explorer-api.walletconnect.com cdn.rollbar.com
decrypt.co
8 simage2.pubmatic.com ads.pubmatic.com
8 image2.pubmatic.com ads.pubmatic.com
7 img.decrypt.co decrypt.co
6 gateway.decrypt.co cdn.rollbar.com
5 cm.g.doubleclick.net 5 redirects
5 match.prod.bidr.io 5 redirects
5 ib.adnxs.com 2 redirects cdn.rollbar.com
4 a.audrte.com 3 redirects
4 ev.moneymade.io w.mmin.io
4 www.google.se decrypt.co
4 api.decrypt.co cdn.rollbar.com
4 api.rollbar.com cdn.rollbar.com
4 www.googletagmanager.com decrypt.co
www.googletagmanager.com
assets.withpaper.com
3 x.bidswitch.net 2 redirects ads.pubmatic.com
3 static.moneymade.io
3 fonts.gstatic.com w.mmin.io
decrypt.co
fonts.googleapis.com
3 www.google.com decrypt.co
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
cdn.rollbar.com
3 stats.g.doubleclick.net www.googletagmanager.com
cdn.rollbar.com
3 api.btloader.com cdn.rollbar.com
3 c.amazon-adsystem.com delivery.pubgenius.io
cdn.rollbar.com
3 superficialspring.com decrypt.co
cdn.rollbar.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 1 redirects
2 sync.crwdcntrl.net 1 redirects
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 ads.avct.cloud 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 ads.pubmatic.com delivery.pubgenius.io
2 eus.rubiconproject.com delivery.pubgenius.io
eus.rubiconproject.com
2 match.adsrvr.org cdn.rollbar.com
2 pg.paper.xyz assets.withpaper.com
2 platform.twitter.com decrypt.co
platform.twitter.com
2 assets.moneymade.io w.mmin.io
2 static.criteo.net delivery.pubgenius.io
cdn.rollbar.com
2 onesignal.com cdn.onesignal.com
2 region1.analytics.google.com www.googletagmanager.com
2 ad-delivery.net decrypt.co
2 btlr.sharethrough.com cdn.rollbar.com
2 cdn.onesignal.com decrypt.co
cdn.onesignal.com
2 connect.facebook.net decrypt.co
connect.facebook.net
2 securepubads.g.doubleclick.net delivery.pubgenius.io
securepubads.g.doubleclick.net
2 spindl.link cdn.rollbar.com
2 use.typekit.net decrypt.co
2 cdn.decrypt.co decrypt.co
2 delivery.pubgenius.io decrypt.co
delivery.pubgenius.io
1 simage4.pubmatic.com ads.pubmatic.com
1 token.rubiconproject.com eus.rubiconproject.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com
1 ups.analytics.yahoo.com
1 pr-bh.ybp.yahoo.com
1 um.simpli.fi
1 dmp.adform.net 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 js-sec.indexww.com delivery.pubgenius.io
1 u.openx.net delivery.pubgenius.io
1 acdn.adnxs.com delivery.pubgenius.io
1 eb2.3lift.com delivery.pubgenius.io
1 googleads.g.doubleclick.net www.googletagmanager.com
1 withpaper.com public.dispatch.co
1 syndication.twitter.com platform.twitter.com
1 bam.nr-data.net cdn.rollbar.com
1 public.dispatch.co decrypt.co
1 js-agent.newrelic.com decrypt.co
1 api.widgets-data.moneymade.io w.mmin.io
1 us-central1-benchmark-media.cloudfunctions.net w.mmin.io
1 o409492.ingest.sentry.io w.mmin.io
1 lh3.googleusercontent.com decrypt.co
1 fonts.googleapis.com
1 static.cloudflareinsights.com w.mmin.io
1 ping.chartbeat.net decrypt.co
1 www.facebook.com decrypt.co
1 static.chartbeat.com decrypt.co
1 verify.walletconnect.com decrypt.co
1 analytics.twitter.com decrypt.co
1 t.co decrypt.co
1 ad.doubleclick.net decrypt.co
1 mediadojo-d.openx.net cdn.rollbar.com
1 ap.lijit.com cdn.rollbar.com
1 hbopenbid.pubmatic.com cdn.rollbar.com
1 fastlane.rubiconproject.com cdn.rollbar.com
1 bidder.criteo.com cdn.rollbar.com
1 web.hb.ad.cpe.dotomi.com cdn.rollbar.com
1 htlb.casalemedia.com cdn.rollbar.com
1 tlx.3lift.com cdn.rollbar.com
1 prebid.a-mo.net cdn.rollbar.com
1 exchange.alkimi-onboarding.com cdn.rollbar.com
1 aax.amazon-adsystem.com cdn.rollbar.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 e.api.pubgenius.io delivery.pubgenius.io
1 static.ads-twitter.com decrypt.co
1 assets.customer.io decrypt.co
1 btloader.com decrypt.co
1 www.googleoptimize.com decrypt.co
1 cdn.confiant-integrations.net delivery.pubgenius.io
1 static.adsafeprotected.com decrypt.co
1 cdn.rollbar.com decrypt.co
1 p.typekit.net decrypt.co
0 ad.mrtnsvr.com Failed ads.pubmatic.com
358 123
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
delivery.pubgenius.io
Amazon RSA 2048 M03
2023-09-16 -
2024-10-14
a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-21 -
2024-10-21
a year crt.sh
superficialspring.com
R3
2023-09-11 -
2023-12-10
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
cdn.rollbar.com
Amazon RSA 2048 M02
2023-05-12 -
2024-06-09
a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
spindl.link
E1
2023-10-07 -
2024-01-05
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
confiant-integrations.net
GTS CA 1P5
2023-09-20 -
2023-12-19
3 months crt.sh
api.rollbar.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-17 -
2023-11-16
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-07-22 -
2023-10-20
3 months crt.sh
mmin.io
GTS CA 1P5
2023-09-30 -
2023-12-29
3 months crt.sh
*.customer.io
Amazon RSA 2048 M01
2023-03-02 -
2023-12-17
10 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-21 -
2024-07-19
a year crt.sh
*.api.pubgenius.io
Amazon RSA 2048 M03
2023-10-04 -
2024-11-02
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.alkimi-onboarding.com
E1
2023-09-14 -
2023-12-13
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.a-mo.net
R3
2023-10-06 -
2024-01-04
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-06-09 -
2024-07-10
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2023-05-06 -
2024-05-04
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
api.btloader.com
GTS CA 1D4
2023-10-10 -
2024-01-08
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
*.google.se
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
verify.walletconnect.com
Amazon RSA 2048 M01
2023-01-25 -
2024-02-23
a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1
2023-05-16 -
2024-06-06
a year crt.sh
*.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
www.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2022-12-19 -
2023-12-30
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
walletconnect.com
GTS CA 1P5
2023-09-03 -
2023-12-02
3 months crt.sh
assets.moneymade.io
GTS CA 1P5
2023-09-24 -
2023-12-23
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-25 -
2024-08-24
a year crt.sh
misc.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
api.widgets-data.moneymade.io
GTS CA 1P5
2023-09-25 -
2023-12-24
3 months crt.sh
ev.moneymade.io
GTS CA 1P5
2023-09-24 -
2023-12-23
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-04-13 -
2024-05-14
a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-28 -
2024-07-26
a year crt.sh
dispatch.co
GTS CA 1P5
2023-09-11 -
2023-12-10
3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-18 -
2023-12-19
a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
withpaper.com
R3
2023-10-01 -
2023-12-30
3 months crt.sh
static.moneymade.io
GTS CA 1P5
2023-09-24 -
2023-12-23
3 months crt.sh
*.withpaper.com
Amazon RSA 2048 M02
2022-12-07 -
2024-01-06
a year crt.sh
pg.paper.xyz
Amazon RSA 2048 M01
2023-08-22 -
2024-09-19
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2023-08-24 -
2024-08-24
a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3
2023-09-05 -
2024-09-03
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-06-21 -
2024-03-02
8 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-03 -
2024-03-31
a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-04 -
2023-11-06
10 months crt.sh
*.iprom.net
R3
2023-08-16 -
2023-11-14
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2023-10-08 -
2024-11-06
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-29 -
2024-02-21
6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-08-15 -
2024-09-15
a year crt.sh

This page contains 30 frames:

Primary Page: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Frame ID: EC4CAC7ECC3F1AF9E123BF2800B5C65C
Requests: 247 HTTP requests in this frame

Frame: https://verify.walletconnect.com/58ba09e3c80b1a336ae02b8cd7cf8636
Frame ID: 7925449E87A8AE3A2E1AC3076CCDD5E4
Requests: 1 HTTP requests in this frame

Frame: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Frame ID: 1A67EC7E80FC76D26CABD007C8B72E1E
Requests: 39 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fdecrypt.co
Frame ID: 0861557AB9D220C562344DA8B62CFB98
Requests: 2 HTTP requests in this frame

Frame: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Frame ID: 700506C7608FDBCBE20724174FCC2F2F
Requests: 32 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 7E48B655FAD9303586101E85A8B58659
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C6A97CCB42FC67E9B34B72AEBB98CB02
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 68E2B5087800244672EE4200E4B2279C
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0F41E47D72C6BA3A8950C8D21438343C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Frame ID: 4EF0F7EEBB67C6A7F15AE136F2B97A5D
Requests: 18 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 64AD0FED6D1A8051B1BC1A914F480BCC
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 53DB0753EF2EB0C6057B31B17542B283
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FF46CC5-2849-4B54-A063-7DDF546864C8&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 928FBB8884A158F189F8ADF69348D72F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=W1aGdF5SgSxAUtAuC1WZeVlX1XtAUIV9D1Opf0LH
Frame ID: 1D87FEAC781450C674E5D87930A7C8C3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8666875426438322128&gdpr=0&gdpr_consent=
Frame ID: 1E753CDE8D33ED890F9079328CE86B4A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289411734496475282&gdpr=0&gdpr_consent=
Frame ID: F77D5891743AC897202FC6E86366F61E
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=59&user_id=7842eb82-e9ab-4681-8652-32e64adf275b&ssp=pubmatic
Frame ID: 7B6372F42555320BDEC5B0B1C7D64461
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_BPeNFlTWuJVffKm6m_t0LmT1WI&gdpr=0&gdpr_consent=
Frame ID: 2F82DC4AB26D045F0458BDBAED0BF94E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 54392EACD6F9A57E534289C851EC7A2C
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSkxWgAXj8xcKQAb
Frame ID: 8012BABDD2516292E07F5F4064AF1994
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB_BE7KUmMAABj5FG6NFw&gdpr=0&gdpr_consent=
Frame ID: AD68F8D377D675ACA37AA9F4E38CE099
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A7E68A34B9FE9FAF52FBFD6E4C9358D7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa24d3d62ca744d7d8fe92bc6460ff9d7
Frame ID: A4BBFC3810D73F032050D2851D7D921C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B38F1DB45CC4CA1578F7046BF5FAA2CD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5381338182345799000
Frame ID: B3D39DFA4A948FEED47FA1B9443BE74F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528210542470
Frame ID: 0779D5E244FFD36794F7A83B3C5D26F8
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 9EB008F46281A30443F7AD9BD32D1653
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: E387FAAFE32C2C6361DAA4BFC1138A66
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: C812FE04E4EAFC82E2DAD59A75DCB234
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRMnbQnUbQSQYbMjX&gdpr=0&gdpr_consent=
Frame ID: 36920DB24F3E847D88B94C9A0510ADED
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

FBI Confirms North Korea Behind $100 Million Harmony Hack - Decrypt

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

358
Requests

97 %
HTTPS

0 %
IPv6

84
Domains

123
Subdomains

97
IPs

11
Countries

6607 kB
Transfer

19836 kB
Size

86
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 334
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 336
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FF46CC5-2849-4B54-A063-7DDF546864C8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FF46CC5-2849-4B54-A063-7DDF546864C8&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 337
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=W1aGdF5SgSxAUtAuC1WZeVlX1XtAUIV9D1Opf0LH
Request Chain 338
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8666875426438322128&gdpr=0&gdpr_consent=
Request Chain 339
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289411734496475282&gdpr=0&gdpr_consent=
Request Chain 340
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=7842eb82-e9ab-4681-8652-32e64adf275b&ssp=pubmatic
Request Chain 341
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_BPeNFlTWuJVffKm6m_t0LmT1WI&gdpr=0&gdpr_consent=
Request Chain 342
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 343
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSkxWgAXj8xcKQAb
Request Chain 344
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCX0JFN0tVbU1BQUJqNUZHNk5Gdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAB_BE7KUmMAABj5FG6NFw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAB_BE7KUmMAABj5FG6NFw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAB_BE7KUmMAABj5FG6NFw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3732027440556077069&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB_BE7KUmMAABj5FG6NFw&gdpr=0&gdpr_consent=
Request Chain 345
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 346
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa24d3d62ca744d7d8fe92bc6460ff9d7
Request Chain 348
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5381338182345799000
Request Chain 349
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528210542470
Request Chain 353
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9fe1de61d8d31fc2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRMnbQnUbQSQYbMjX%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRMnbQnUbQSQYbMjX%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRMnbQnUbQSQYbMjX&gdpr=0&gdpr_consent=
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f_RsxShJS1SgY33fVGhkyA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 356
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2655332648
Request Chain 357
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7FF46CC5-2849-4B54-A063-7DDF546864C8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWdoMjFkazhBSnBRRHVwYVFQdUlNeGY3QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=2382276836758500377&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0ZGNDZDQzUtMjg0OS00QjU0LUEwNjMtN0RERjU0Njg2NEM4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 359
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMfW7HSMWVSIbSPB3z_IIig&google_cver=1
Request Chain 361
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2382276836758500377
Request Chain 366
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2983877857478686381&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 368
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:916af8da-8d25-47fc-b4b0-ba0a858ac26b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

358 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fbi-north-korea-lazarus-horizon-harmony-bridge-hack
decrypt.co/119861/
600 KB
156 KB
Document
General
Full URL
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
185c731d9ab38637a8c39c4e8cfe579aa494905386a1c77f2268b0b473a2bbd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
max-age=60
cf-cache-status
MISS
cf-ray
81576beb99e21c87-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 12:00:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfy2MXJFpYxCZQqvb6HGj5Z2J3SMnuZYMqWz8v4cuzizbaFznq5DXXue1L9cPE7z3qHc7AdGO45T9otSuy%2B5xhml2s45eQxOkvP%2FlivP5kxBoReDkLIWPK53dLs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Accept-Encoding
via
1.1 varnish (Varnish/7.0)
x-cache
MISS
x-content-type-options
nosniff
x-powered-by
Next.js
x-varnish
947624332
north-korea-2662076_1280-gID_1.jpg@webp
img.decrypt.co/insecure/rs:fit:1536:0:0:0/plain/https://cdn.decrypt.co/wp-content/uploads/2019/09/
175 KB
175 KB
Image
General
Full URL
https://img.decrypt.co/insecure/rs:fit:1536:0:0:0/plain/https://cdn.decrypt.co/wp-content/uploads/2019/09/north-korea-2662076_1280-gID_1.jpg@webp
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670b6dcbd4f5cd58abc0a4aaeabdd0f47a0fbe79e613b930341ff6117fab0070
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
content-security-policy
script-src 'none'
via
1.1 varnish (Varnish/7.0)
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-cache
HIT
content-disposition
inline; filename="north-korea-2662076_1280-gID_1.webp"
content-length
179004
x-request-id
f9d48cd8f7a91ab30b76414d11562434
last-modified
Fri, 13 Oct 2023 12:00:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYkUQjjA%2F1Ew8y5wyq13FsAUCvEzBts%2FM61pXc4AL7wcrSrI7qaANO4IFX5AJYiBkdXsjopxzOIFb5gQi3Pqqj860X7IOX15Rle9dRcKXUeZsGTlnj%2F2utPZixo%2BcmWh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-varnish
947759587 933597224
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
81576bf23f6f1c87-AMS
expires
Sat, 12 Oct 2024 07:26:57 GMT
916d3686010a8de2-s.p.woff2
decrypt.co/_next/static/media/
8 KB
8 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/916d3686010a8de2-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15276981
x-powered-by
Express
x-cache
HIT
content-length
7884
last-modified
Wed, 19 Apr 2023 16:19:16 GMT
server
cloudflare
etag
W/"1ecc-1879a5023a0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmQTO%2BdfqRiKL7N5AwA8PAFBllDk%2F%2FthUybLwQwxeJR9rbPD6xgMWs%2FvNFsakds1GomhBCM4BfqShPUqZ8fEd66Ja%2F00X1%2BHIdlj7tc8N55SIXmlf2EaiHGMQFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
35994 199012
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf1ef251c87-AMS
7777133e901cd5ed-s.p.woff2
decrypt.co/_next/static/media/
8 KB
8 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/7777133e901cd5ed-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15276981
x-powered-by
Express
x-cache
HIT
content-length
7748
last-modified
Wed, 19 Apr 2023 16:19:16 GMT
server
cloudflare
etag
W/"1e44-1879a5023a0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiW5HyL0ikAfTaetRPao%2BUhIIz3VuZ%2Fl6kHdO4RpH1NdB7w6hn7ifjfauUzXV85c6sPiNR8S7WujwP33eEXENuYtdxXl1UxJbs8%2BhTPA2hHFYDIU8KsQ1lIa%2Bj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
493178 264495
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf1ef261c87-AMS
d869208648ca5469-s.p.woff2
decrypt.co/_next/static/media/
8 KB
8 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/d869208648ca5469-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15276981
x-powered-by
Express
x-cache
HIT
content-length
8000
last-modified
Wed, 19 Apr 2023 16:19:16 GMT
server
cloudflare
etag
W/"1f40-1879a5023a0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYwzdQTnFe%2BAoWKhJ9YHV94MfFj9r0dV9Oa4zv6rGUH5FL%2BZsfDAOXhHQNl3Z4P7VstCdkMaN3GMdrPa7IaCAd6OL8ijcdQl9HlO3GB7prIpiDGrO3Ao11u%2Ft58%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
493183 1672656
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf1ef2a1c87-AMS
9a881e2ac07d406b-s.p.woff2
decrypt.co/_next/static/media/
8 KB
8 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/9a881e2ac07d406b-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15276981
x-powered-by
Express
x-cache
HIT
content-length
7816
last-modified
Wed, 19 Apr 2023 16:19:16 GMT
server
cloudflare
etag
W/"1e88-1879a5023a0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqcMzSnPM2z27wqjtR1v9MZxSKjn280YkmIAfH3crFMpEnsuQt9Fn0E3i55O6QPFPMB9bQiUuWQDhXKi7ElniRkzo4sx0lASt8XS0VkgVJxNvkh4WPSP3oydpwE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
1672767 1214383
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf1ef2b1c87-AMS
7f3351e323b56175-s.p.woff2
decrypt.co/_next/static/media/
14 KB
14 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/7f3351e323b56175-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
03dde1b3710769c25b0c1df73c9e325fad06b6c8b4d5bdf4c3738a728d404d4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8814952
x-powered-by
Express
x-cache
HIT
content-length
14332
last-modified
Mon, 03 Jul 2023 11:18:13 GMT
server
cloudflare
etag
W/"37fc-1891b797908"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVVletecY4o2bG7%2FUmZy6BfNayK4QvAwnFittcwhlp5SXaJZJqGTSZ%2B%2FqfkLXT7mxfimYb2DZZlH65lgexnzzP0JiIGVud%2FzmpzOWegZ0ivfnJzbc%2BRgOSRGFYE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
23815835 16717972
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf1ef2c1c87-AMS
659df64606270f52-s.p.woff2
decrypt.co/_next/static/media/
14 KB
14 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/659df64606270f52-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f464b79c2b346a2655e2242c4caf8ea009468832598577c3e664c0c5df76adaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8814952
x-powered-by
Express
x-cache
HIT
content-length
14244
last-modified
Mon, 03 Jul 2023 11:18:13 GMT
server
cloudflare
etag
W/"37a4-1891b797908"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnSKCZKNZ3AB%2FQ4j%2B5JIK0aTp9fR4IRm66WN0tBup6C87nU0OJ7HLdy7aOH44sMJtYJqspeSvrtx017LihoxTP0IJKD3KdbdxWuBf7xUoYf7wzTs%2BrqLMg4iUbM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
25826975 16780784
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf1ef2d1c87-AMS
ebfe4f524cbef140-s.p.woff2
decrypt.co/_next/static/media/
14 KB
14 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/ebfe4f524cbef140-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
47e04e3adb8fbd74845501ee0903b53b108d7932e4e6f812abf7abd5b4ab8a0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8814952
x-powered-by
Express
x-cache
HIT
content-length
14440
last-modified
Mon, 03 Jul 2023 11:18:13 GMT
server
cloudflare
etag
W/"3868-1891b797908"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhx%2B1buI9NnUTHSl3b%2BSWpPXTH6D9tpTuSWdGfFkLnVOQbg2VsMZP5l3b3Gad9eMBNMrO6phdTUlE6LU%2BNJ7jsm4DElPH%2FxcJmBaOkphZ5MWfVXZf3SjQcHB7hE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
15807714 28446161
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf1ef2f1c87-AMS
6d6b84086d5e99f1-s.p.woff2
decrypt.co/_next/static/media/
14 KB
14 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/6d6b84086d5e99f1-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c99cadd1ad6f2e3c7563dd5c5f5331b623c25d6e34a068e9e5215ff4132a9454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8814952
x-powered-by
Express
x-cache
HIT
content-length
14388
last-modified
Mon, 03 Jul 2023 11:18:13 GMT
server
cloudflare
etag
W/"3834-1891b797908"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fz6rz2mpbTBYziYeLPg97AaOl2WSUvzmkvKf9FGA4TlrTZUxgms6d8NxMUMuvTV6KO%2BGlJnMi2RcYwCTIm7fdUVXGH3EavR2v0Z4BHRZOYJExMWDjP2vcFKXKBY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
13153087 23763698
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf1ef301c87-AMS
df3bfb9215b6902e-s.p.woff2
decrypt.co/_next/static/media/
14 KB
14 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/df3bfb9215b6902e-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cb068a653639dcb56965adaba3ab222cbe12841ede3b9adbcf66d98d5883847c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8814952
x-powered-by
Express
x-cache
HIT
content-length
14048
last-modified
Mon, 03 Jul 2023 11:18:13 GMT
server
cloudflare
etag
W/"36e0-1891b797908"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTDOok6YAyAsHp9FUDa3Vrz1meb1S0AVr3ODARn05BotfaudYFUelM0V4b3EswDsaUbfKrAj1z1QOgxhQOw6651MylXiUebf2taxfaYMcWIf66BPFfGTa66%2Biec%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
23815836 28381474
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf23f651c87-AMS
5c2f8b374be17117-s.p.woff2
decrypt.co/_next/static/media/
15 KB
15 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/5c2f8b374be17117-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3ecfe25dde4e16be2f164605d9b886937415f62f9ae69f38ef885f693e7b6339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7509425
x-powered-by
Express
x-cache
HIT
content-length
15140
last-modified
Tue, 18 Jul 2023 13:58:38 GMT
server
cloudflare
etag
W/"3b24-189694bbab0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FFqfrmwWY6%2Feb0QB6Pku5JdJgv5ahfIKDut6essQX%2B6imNs2HvsgzNAS9KJjf4vrG7qbO%2FXIq2pNWp03H0RfeohcdtPJYL4zPkECH9fBuhO%2FTvcgVLASBozD4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
35440542 35345521
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf23f661c87-AMS
75d48862b1c48d49-s.p.woff2
decrypt.co/_next/static/media/
48 KB
49 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/75d48862b1c48d49-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c642a43ff8e9e4ed068b6ef2722c313592191b914069968696608765b5e6719e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2413651
x-powered-by
Express
x-cache
HIT
content-length
49344
last-modified
Fri, 15 Sep 2023 13:21:40 GMT
server
cloudflare
etag
W/"c0c0-18a990116a0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPlRbApMPxI4N0Uh8PkESlbSYipcZN15UlaVA%2BxAdtPyftqfUDazWdsf51GXIdObBNrJBQBeqlyTicvHvBv5Am%2FjTFqDPCNqNOkXckJXrGGlF%2BnJZf4CHkClDTI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
28809635 21328529
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf23f671c87-AMS
e4aa96e6ffc18fbd-s.p.woff2
decrypt.co/_next/static/media/
13 KB
13 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/e4aa96e6ffc18fbd-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
01429d783053260a7c96e19f510e3fdde003ed7bf3e8d5d0f34ea317ddf7a13f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18841394
x-powered-by
Express
x-cache
HIT
content-length
13428
last-modified
Thu, 09 Mar 2023 10:06:48 GMT
server
cloudflare
etag
W/"3474-186c5d666c0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sw%2F9D1YWFNxahDzDUpGN03Ey0iecbvV5M9L3Xl%2B9utrq4%2FBJHGYDZPKPZEu6X49gSSk8WoqbwVuZgW5TaMydDQCEqt1NZ6c4XwDwNE%2BYw7vnxbTzIesyw8TBZns%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
291084411 290123727
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf23f681c87-AMS
f1cac2a47ee7a4c6-s.p.woff2
decrypt.co/_next/static/media/
13 KB
13 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/f1cac2a47ee7a4c6-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d79912531388f6a6e55e50deac0cf5d275df28e5c2f9d4afa8d0f58072b93045
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18841446
x-powered-by
Express
x-cache
MISS
content-length
13228
last-modified
Thu, 09 Mar 2023 10:06:48 GMT
server
cloudflare
etag
W/"33ac-186c5d666c0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UjCeaTj6NWI5o3IyJWYbHjt6Fi0%2BKfEQIQNCbioShWomOFgZeKNTY66pNKgKFSAHc1u5HiAsys2qVVWW%2F25sbgeis3Jk0lDwN7d4zZAAQSkaOFKW%2FtKiw2VtB0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
291806958
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf23f691c87-AMS
3d12b4366e4afd15-s.p.woff2
decrypt.co/_next/static/media/
13 KB
13 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/3d12b4366e4afd15-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f1ab432a2f8e59194ec67510a15b66fa17a46fc020f84f8dce1f8e0d8d75cc76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18841394
x-powered-by
Express
x-cache
HIT
content-length
13112
last-modified
Thu, 09 Mar 2023 10:06:48 GMT
server
cloudflare
etag
W/"3338-186c5d666c0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=us2nZ0izAmiSKCJNh4r5zysv1RT4UZcDVQJKCBSaC4vXqR1cetBckX719312eWRTAEODIlAJH2Ky4aR5CHW4WUA0HiX0GI5KpUqE03HC2apqkytFEOTmqD4aeWI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
290929956 292392334
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf23f6a1c87-AMS
b7581651db79410d-s.p.woff2
decrypt.co/_next/static/media/
33 KB
33 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/b7581651db79410d-s.p.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6fcc435c3c0d1214264356edb0a26210a6af601215cda8347b75afe4a040adb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18841445
x-powered-by
Express
x-cache
HIT
content-length
33321
last-modified
Thu, 09 Mar 2023 10:06:48 GMT
server
cloudflare
etag
W/"8229-186c5d666c0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPIao8LIHY301OFrZ4ZUcUHTykT0tt5Ar%2FuZQ%2FbfqOerKA1Stuvz5OUSlzkO664G5rzU6aN1zDHetae266tTMvpCNWopT6Vz9tQkBfx9Rxd91dQI3TOGZOOV928%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://decrypt.co
x-varnish
292488705 291909647
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81576bf23f6c1c87-AMS
4a639ba3f2cd4cd2-s.p.ttf
decrypt.co/_next/static/media/
99 KB
59 KB
Font
General
Full URL
https://decrypt.co/_next/static/media/4a639ba3f2cd4cd2-s.p.ttf
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dfd3bec4e1ab2fcef0c9a7e0961b0d417ac0dd22113c5bcc2f98a5aae847bd61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5604479
x-powered-by
Express
content-encoding
br
x-cache
HIT
last-modified
Wed, 09 Aug 2023 15:01:47 GMT
server
cloudflare
etag
W/"18de0-189dad17378"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt41RUxvqIwbhiN1ocBxnTDIQcgU5wUxRO0jOkGFM0hFEnPL%2FtziYpn9IarMe1heAzD6mkxoMMvKycd2%2FowtWrpsbk8Voo4zawUJoMtW8JM9rQbgOsHePh8k02A%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
https://decrypt.co
x-varnish
190815264 190714970
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f6e1c87-AMS
1dccd8b6e5f069d8.css
decrypt.co/_next/static/css/
205 KB
33 KB
Stylesheet
General
Full URL
https://decrypt.co/_next/static/css/1dccd8b6e5f069d8.css
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
56671e79863944543228db7a0794d9296dfa5452c0d3b79e003f26bbd2bafc04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
73055
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 15:38:39 GMT
server
cloudflare
etag
W/"3343a-18b248a3418"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FtEnoKk7rL4XEBoplzUuUJ%2FbzeMB2hqzyS0MFpHzmN5tIdQ%2Bk0oRBTy142hMHPTX6zvjjdE%2BR8VImzyCFNtQi0BjQU0HOXINU%2BGKn3OZsDT0M%2FWZ3PZyNmntUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-varnish
764722906 777946838
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf1ef271c87-AMS
f2dc4bdb1c8d1a31.css
decrypt.co/_next/static/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://decrypt.co/_next/static/css/f2dc4bdb1c8d1a31.css
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
61f2a206e837d144c8f3cbd4729e6a4fd1b87a593c69d9c8a6ae1aa04677b0e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
17265899
cf-polished
origSize=7329
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Mon, 27 Mar 2023 15:50:52 GMT
server
cloudflare
etag
W/"1ca1-18723c3df60"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rw%2FwtPBjO94ikXH%2FdMjJZWKBlJewf%2BNpKiYHnryYAN1q5WTIvMvG64UeRwzH65SM%2FZTbQEhy%2BfVHuwE6OsRIoxY2COtx7lpfkPcVoVdQ02CTeXnRIG2qoDLDF44%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-varnish
524497188 526781178
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf1ef291c87-AMS
wrapper.js
delivery.pubgenius.io/decrypt.-kkbxZKGT/
368 KB
121 KB
Script
General
Full URL
https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-17.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a0f17603fb537b9a68b2d8e80b07f10f0a56a0e89c2078d3b9f25c801171eb6

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:14:47 GMT
content-encoding
gzip
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified
Fri, 19 May 2023 22:54:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
39428
x-amz-server-side-encryption
AES256
etag
W/"4e273e4fadf562280a165c51a06b146c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
UIcoZ6VvXdbzi80NiUNAXnclc_PKf91Ky0Ma0yTwx0SgaFCT0cHdNg==
1293-7b5d824e8488e8d8.js
decrypt.co/_next/static/chunks/
8 KB
2 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/1293-7b5d824e8488e8d8.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ada9f0c5bd47cacb9d1bf77928ec3b2005cd91f7bda69b9302ab5bb40c6d4fba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98110
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"1edf-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1iDLm9klyx83C0oE876k6mxwrLEToGCnDcsM5oCG8ISgD0zBG1COVDdzcz8RalFUHV6ZSe0K4LAZwFWZ8z3gjYmSZpEDcKOQJkneBxI4tCadvkyahUDeWYFm9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
681159664 687145132
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f701c87-AMS
1845-0181a1ddec3e13a3.js
decrypt.co/_next/static/chunks/
158 KB
39 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/1845-0181a1ddec3e13a3.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
291ce931d8d0a1fafa6cc9d7a723dd165acb6dfbac255e980818f4a42501f585
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
3012457
cf-polished
origSize=161960
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 15:04:53 GMT
server
cloudflare
etag
W/"278a8-18a75531208"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfsYnjUGhSQkr0XVKMVtBLmI%2B4SEfPAhE22zhK8jggUKy6eQ8SiragEXVUamzivrEEA4hMKgZdJP9Ja02PZvnkIkzl9oJGrN4KR9tvTnFFqkZwg5i82LkyY2Yig%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
495949560 491559411
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f711c87-AMS
2104.a33a75ff4da24375.js
decrypt.co/_next/static/chunks/
8 KB
4 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/2104.a33a75ff4da24375.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d7d59e1901c5a25a5a36a3e4d2d48e1d222cab726983f4996d788ff0dee85253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98110
cf-polished
origSize=8449
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"2101-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4En2Zaxi%2BWwhgjMOLsOSIUvaGxjBcRiclUqduU%2B6fE53HWS4BLrwXUjX8yw%2FAGHChKsvJXJXMxavrQF2ubq83p8e3qYRG3%2BfXmCuel2nnYLWt8ui7SF3m%2FgJmh8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
679162917 686293332
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f721c87-AMS
4676.4dedc8a8cb18b39f.js
decrypt.co/_next/static/chunks/
3 KB
2 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/4676.4dedc8a8cb18b39f.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
08a07d5e6f83c7e43080b10b53a4715d4d9be481019f9978ccfddeec1da27ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
2804984
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 05 Sep 2023 14:39:24 GMT
server
cloudflare
etag
W/"c89-18a65c8a960"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45t5N%2BuUxVkXpkZjlXaKxhRw97eziT46TTSNvm0Hc0VrwoQxEFoTonlIzbD1rk%2F8nwogJgYSclRF6JRvyjdiSL9FeJbzw5E0UWuELdf3AgcX7%2Fwdgi6csnlfark%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
603897747 444584508
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f731c87-AMS
76.a11c6ec18bc7a6b8.js
decrypt.co/_next/static/chunks/
19 KB
8 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/76.a11c6ec18bc7a6b8.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
47a992aa86f3ad323fb1a1cc9722d7eddb7f16452fde15dc410d3962b0b78879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98110
cf-polished
origSize=19856
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"4d90-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBhXLNxEfu26D7bQV13%2FhlRUIDunIQ0zn1l6Fts08whQcXup3YKx2rVXAxVJPdnON3640UJCGM3%2Bq0PE3T5npPFxUdWjezSgvw0DXKfF7GIYsuJ8%2FXuVy5uZ5PY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
676417162 682561877
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f741c87-AMS
webpack-40a3e8d5d0fa5f89.js
decrypt.co/_next/static/chunks/
10 KB
5 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
345a7aa8d7b28169c3bf25487bf23796a7b534ef1d477f42ac59b3998aa70e13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
73032
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 15:38:39 GMT
server
cloudflare
etag
W/"277d-18b248a3418"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49pQJMihu4BDZpYxZHUCjW0vE3FggO2Jlk%2FZrVARYTrMGMlBZQkKlalcn6ZM7VArA46lgu0SIqECOkdGecXN1yATied%2FRoso0kT3qrZS52gh3ueOPKGz%2Fp81vIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
766362404 768325059
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f751c87-AMS
framework-f29e48ae95cae5a3.js
decrypt.co/_next/static/chunks/
137 KB
45 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/framework-f29e48ae95cae5a3.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
18cdc722e78e734edcbbd6972f187f9e1b5a3fe7f0137ad3c0464c4c54248941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
21837644
cf-polished
origSize=141072
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 02 Feb 2023 17:56:31 GMT
server
cloudflare
etag
W/"22710-1861345dc98"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFOlUsDF3sOQOvTJh7RKuXYLrbqeQ5KmOzhNqfuvpwL6PBOM2bRRpuhmrHAF8SD7RHIi10tPUvA0ILKN1w936vnPJA%2Fr1JhV%2B%2BudGmIVhYo8q8SKIWaa15YqpaI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
566335107 566335029
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f761c87-AMS
main-0d39d5d33f21d218.js
decrypt.co/_next/static/chunks/
94 KB
28 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d9da809ae1419eedbf9d4048b2319ddceb6c115ee85ce2ad4f2657fd42471199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
5028575
cf-polished
origSize=96351
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 11 Aug 2023 14:09:23 GMT
server
cloudflare
etag
W/"1785f-189e4ee3238"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjQ81KKUoZ7V3O66uV4Ur5TBqjbgW%2BLihdLkbf4IgFitunHO9nl733%2BkQqknq3DnUCKDsgbV9cUTcSr1H9r03uVDCNFmwOKIubC3l56irwZyc5AtvXl11iPFWJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
116861844 4425121
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f781c87-AMS
_app-29b376bf10c9dcff.js
decrypt.co/_next/static/chunks/pages/
2 MB
507 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/pages/_app-29b376bf10c9dcff.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9d3edf5878aaa6193a4dd38911365084c3c8b1e0a53159e301c5b2364b0191c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
93554
cf-polished
origSize=1856243
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 09:51:14 GMT
server
cloudflare
etag
W/"1c52f3-18b234c2250"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGMzE5U9c%2F5WilkJBfN01HHhqYQ1I%2FVtzOVolohIvbjSSOXS87lXYOtZGyVqVfqN4Px6gJT1EVzFwdv%2Bzu9XBPk7o3aheZ%2F6zVHkBgxcdSV70EHl0d%2FWVFQh86Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
704352687 687955715
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f791c87-AMS
e893f787-50ec1761c96c022e.js
decrypt.co/_next/static/chunks/
318 KB
86 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/e893f787-50ec1761c96c022e.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
949b46503ffdec1b16c1c336ca6df94bd620a2e64f29d11d6b6757face249e65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
7509425
cf-polished
origSize=325538
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 18 Jul 2023 13:58:38 GMT
server
cloudflare
etag
W/"4f7a2-189694bbab0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MoIl65xc4OhUpQ7PTXHZFSOaEzYxuPTsJbHsgpG5QGamlGKQQYxEntb6Gff0tcWP3nsu5WkbLOL5cOpsFe%2Fk0UUEGIEN%2Bke%2FLkA3zvz%2B%2BGLjwXoUFW8QzYJtXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
40304728 35611487
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f7b1c87-AMS
ee7bdd82-681cd2bdbd42c0cc.js
decrypt.co/_next/static/chunks/
293 KB
99 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/ee7bdd82-681cd2bdbd42c0cc.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d13e2137b97510a7ecd74b7e7ea2a75da2c4e41d5a2939d2adbc8434c83d2d3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
12272434
cf-polished
origSize=300393
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Wed, 24 May 2023 10:54:31 GMT
server
cloudflare
etag
W/"49569-1884d656658"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RANAPWbIupES1RBuIUPp7G6qQRtKicnaW89J9mZiPorm5IQf7hQ1CPUHHkDU%2BEKe3McgRtblqsQ0Dp%2FqDptQGb3lfj8u%2FtHWlFeP9AdNlVb9CIIGycUxBPxrSHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
90810618 112921465
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f7d1c87-AMS
6517-b45269f4c131841d.js
decrypt.co/_next/static/chunks/
39 KB
14 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/6517-b45269f4c131841d.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8a41cf73aacdc5d219d5cfa02e597f7634c2bc853a9886cef621c5f7ba150fdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
7509425
cf-polished
origSize=39525
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 18 Jul 2023 13:58:38 GMT
server
cloudflare
etag
W/"9a65-189694bbab0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o14gBtoymREPYE747ZOjJ2CrDMUiE6%2BVYzbHyiLSNyLw9IVqsuaMJGnLuQCEAYM%2BBeS8UDAIVQaiACMoWl1KgNJ%2BEDEhFGu4rVMr%2FQsOyP6r4y3Csu%2F0vF00O1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
35611750 39855517
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f7e1c87-AMS
7940-46cc605491a87078.js
decrypt.co/_next/static/chunks/
10 KB
5 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/7940-46cc605491a87078.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ae3a9914c26a945cb98fafe85bf6e65a25a02ab5344c5fa54871864f25399d9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98110
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"26ba-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkiHNxlhdQ%2FLb%2FJNVV2PGwdzoaF0iLLqBd9f4RNc3fzT%2BJVOcWAXI2a81xSaTx%2FKI1wJ%2FRIUiDj2g%2BDJ9qfzKGDsrUyDFh%2FL%2BP0XtKFFL7uMP8%2Fm8juvQ0Amxy8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
679717526 687439980
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f811c87-AMS
7582-add58cc251144932.js
decrypt.co/_next/static/chunks/
98 KB
28 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/7582-add58cc251144932.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3058dc49b1d849c9dea2f9177220a819c4c69e820b681689e81fea28ad6436e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
267386
cf-polished
origSize=100734
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 10 Oct 2023 09:40:20 GMT
server
cloudflare
etag
W/"1897e-18b18f56fa0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8W%2BwSP2SO2Ifw6zU4r2TkJS8HsmgYM7JeJF9t4mVgD2fID0MX6RC%2BSaZtiVl1OyE1gGsTNJEMjBJplPyJzq6GkXY0DjC6tC6nhDfNLjHZlL9hCdfVQaJ%2FQ0Vr1g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
115219936 97036167
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f821c87-AMS
4792-10ed92876f05c8e8.js
decrypt.co/_next/static/chunks/
35 KB
15 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/4792-10ed92876f05c8e8.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b3fbc63c639e25321cc5910144056f6f11df12ba3a8738bab5dfb1c1dfe50f41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
12272434
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Wed, 24 May 2023 10:54:31 GMT
server
cloudflare
etag
W/"8c15-1884d656658"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IDOFaFhtBfgTj7FkDaWIoVMChdznkuByqj6rcQ6jqGX9kKmOGOErWGL%2FwqJom5vIBU8%2Febsp2CA4Gmr4yvJTCfbKoDX7YAIBIS7cxMkHasuqzI9Nrxp55To4iY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
108301891 114098652
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f841c87-AMS
4196-815fa284ede0ea40.js
decrypt.co/_next/static/chunks/
41 KB
16 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/4196-815fa284ede0ea40.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6bc4b44f1af279468652f19e99e5be22e51900ed7d3055797263993d61a2089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4483126
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 22 Aug 2023 14:26:04 GMT
server
cloudflare
etag
W/"a5ba-18a1da36c60"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcutRHfS4BEOHFRTFFcNIHkaOVilydwR3XgvS5r6zITZNf7Q3fLJiC6c9vflG0wbAY39T8U5lUFaODxZ3YLvKZmFooKgEtyFQILyes3F%2Bo2VD6zeq%2BrCMWbfz80%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
189956692 191817095
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f861c87-AMS
6582-5b43500ecbf98b1f.js
decrypt.co/_next/static/chunks/
18 KB
9 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/6582-5b43500ecbf98b1f.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
79ed50d749590fdc3b11fe00ed3709a23b9eabbcc7cc641811f3aa2e1f8c4c91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
12272433
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Wed, 24 May 2023 10:54:31 GMT
server
cloudflare
etag
W/"4941-1884d656658"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZKlc7Dvjbx%2BSLIi4Fnaqs9ZmYt%2BtOWdqATv1I4oY%2BoadQ%2FH86aAb7GWbJtkM3XGBkONHJ3N0uakh6ahFdrunnETbZEYvuAyQ14olgFh3SqVhpXagBDAODSi8Oc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
113673685 90810053
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f871c87-AMS
3486-ab7e75996b83346c.js
decrypt.co/_next/static/chunks/
10 KB
4 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/3486-ab7e75996b83346c.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dd18d02e16379e52b39ce7c7884616247f57bd1a40c6432ed9dadcac3bc7d271
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
7509425
cf-polished
origSize=10705
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 18 Jul 2023 13:58:38 GMT
server
cloudflare
etag
W/"29d1-189694bbab0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSzkJVy89RoYxZRV%2FTDafsLiQTuThQkopg0ZnxzMTRFYyMlkDRXgRovuji8d4ndxkp%2BnihHB%2FULboHdED%2FjEmSBXHGclID1VJpDe878VCKVZ7z4tW1CyW%2FqKD1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
35345759 35345485
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f881c87-AMS
1416-8b5de4a6c0a3b08a.js
decrypt.co/_next/static/chunks/
7 KB
3 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/1416-8b5de4a6c0a3b08a.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
91f4da945d127e1b4f9d684ec4e4f1c24cfdbb8504d7b53c4c6b2ef9aeb1676b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
12272434
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Wed, 24 May 2023 10:54:31 GMT
server
cloudflare
etag
W/"1bd0-1884d656658"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhMKM%2BLUbFzdMzDk2nQWcto%2B8ppG%2Fz13o5yYNv2pYb4bT2IP%2BlAibm8%2FWQDAfCOynREyWtvxDyf1NnhODPXBoRQJoublNpwlqiCMmoMhwq36vZNUuzzmTjdEBzY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
90810623 115444910
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f891c87-AMS
4053-ee2d1e1562c1ea36.js
decrypt.co/_next/static/chunks/
27 KB
6 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/4053-ee2d1e1562c1ea36.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3010e888c02174130bf5d52bc15cc2659f569fc088d1b93340019c525009573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4483409
cf-polished
origSize=28014
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 22 Aug 2023 14:26:04 GMT
server
cloudflare
etag
W/"6d6e-18a1da36c60"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVz5HIIEZ5YfRjkwh3NgeeoDBxZfz96O6GXto86QOJfIh4%2F1Fw%2BsZTmTLHcv0xsEtlghcXaa1hoHbDbRILr6pW5SRZwaE%2BEIN8GAN0kGwqYgA%2B67%2FgCd1lBKI8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
186227950 192644593
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f8a1c87-AMS
6786-695fb1319f08d60a.js
decrypt.co/_next/static/chunks/
105 KB
33 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/6786-695fb1319f08d60a.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8e458677a661ebcdf7ce3cc8b65a88601115c701f7165a01b0f968c377cfbeb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98110
cf-polished
origSize=107864
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"1a558-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nuK7B%2B4qCt5ZH%2FQVAvyR2aChSVYOEdTqZs2fZZD9nuRBgsMdhJsPC6EP%2BYsZvBh7sgqh6rLdhd0oKcZPWXTXhoPENVDuJG1C%2FnnnqVQFrIvwWCzJfJUqwnu0Yc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
670030659 686719099
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f8c1c87-AMS
9460-094473cdc20e8fa1.js
decrypt.co/_next/static/chunks/
24 KB
11 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/9460-094473cdc20e8fa1.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6d35f52b30d70b3e8f54f21c227931826b9ca43b85cfd826ca19ce827f25c58b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4483126
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 22 Aug 2023 14:26:04 GMT
server
cloudflare
etag
W/"6178-18a1da36c60"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXm%2FSw7GXAaWDUUw8xL535qcWx8A1J2gJYQyJqSPpl61rs%2F%2F7ZFfOYoMAHeUWrWGRYQMIz4lDO7OnM85AW42OU0P1UHFcT0EvZCidUl%2FMtezmVfoqxzJwBWntqU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
190165917 181634372
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f8d1c87-AMS
4554-dbf7daec43c0deae.js
decrypt.co/_next/static/chunks/
550 KB
128 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/4554-dbf7daec43c0deae.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5039ec9d87a3b723597f43de14496c18092fd8582de101c8339928cb3f1de150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
93554
cf-polished
origSize=563243
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 09:51:14 GMT
server
cloudflare
etag
W/"8982b-18b234c2250"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvf5JW%2FB81gbrZCEeKPxT0M4iVD4gEq%2Fx6d6YqVh%2B4LeYQOEXJpWkS73zY42y9MzUHUHSyznl4VQ4pGdsfYTW74MMp133ZvthIKHioyVG0oJ8zKqhr9IvM9N11s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
704352688 697216727
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f8e1c87-AMS
3572-1f9a408d21861f4e.js
decrypt.co/_next/static/chunks/
16 KB
6 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/3572-1f9a408d21861f4e.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dabe6ca686641f1ad4ced584c79cb25b821b28076d19d4464e4e034c75e13322
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
3705988
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 14:30:09 GMT
server
cloudflare
etag
W/"3f64-18a4c006568"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FjZMbnqL%2Bb4mkDT9aHtfnLlpHucfVnrOotmZgOSICi25HK6sFLEXEN5uL6RPq3a%2Ft%2Fc2v6Mk0XqD8QURfCk4sXtpmLzti5udTjuffDnwymdzuEA6Q%2F%2BozSjWa8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
287722160 288404706
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f8f1c87-AMS
6878-d3c2f40a96ea6beb.js
decrypt.co/_next/static/chunks/
12 KB
5 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/6878-d3c2f40a96ea6beb.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e8113885657b316d18fe6863ba7ae9175e000e3d4777b9cc4b7a11e5bbe1ab66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
267386
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 10 Oct 2023 09:40:20 GMT
server
cloudflare
etag
W/"3101-18b18f56fa0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziObQOhK%2BHegOkzvRQA2nlC%2Bm93dG5WHuwcbeNsJ9O09v1pt5Z%2FIz59pqnk6%2BDp0KRVJZngoVVXiTHiPBHNBEiOsVgW%2FKUG9V9F6Eg6S2qoHGyL27wVWVEFgfv4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
118690706 106504023
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f901c87-AMS
3866-7eae110adcb353e6.js
decrypt.co/_next/static/chunks/
27 KB
8 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/3866-7eae110adcb353e6.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b384d585fbaba6b6dac692948decfe5cdaaa274a94fdf7ca8246c0b7765be7e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
689970
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 05 Oct 2023 12:18:15 GMT
server
cloudflare
etag
W/"6b3d-18affc63758"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCcZi84iSsqYlJPiQiT8h7r1Lwlotix85LjmehT93yS6NRfOFQzfxP8gvs%2BjM5Jgpjx1Sfq0TpQOb9cn6Io7j31pU1VWYeO2QyV0F%2FLAZzOdg6r7pLKWhukawEk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
1008167510 1013527606
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f911c87-AMS
1589-b19282457edc2f2b.js
decrypt.co/_next/static/chunks/
12 KB
4 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/1589-b19282457edc2f2b.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8fcbd20742a924b0c2637c326b816fd4ff74a6584cbfb3030a503f1fd5c92abe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
3705988
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 14:30:09 GMT
server
cloudflare
etag
W/"3137-18a4c006568"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SknhxF1iDAwi6KP8%2B8t4qYtpC7Y1XvPiPYW4rL4fbdjRNsUZWYlTrQKyxx9KWSHrg0Nepjyj3BeTJLMRAoJ23o%2B5%2F%2B2EwfTEysSu0%2BwJSZ%2BRmoVWeKZkHO7aeFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
292686443 289206033
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f921c87-AMS
4-4d977defec63db4f.js
decrypt.co/_next/static/chunks/
19 KB
6 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/4-4d977defec63db4f.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fe4f5830e8997ab78a44111d6e1df8277d82aed669902985683e040a733c05a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
771903
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Wed, 04 Oct 2023 13:33:06 GMT
server
cloudflare
etag
W/"4bf1-18afae46250"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2%2B01PsdXH57AqI8SdPJ1rIqVDDUfIw0Aqkwab%2BnJ4ip4zcoWvMX4BrSxVoz%2BwAbUuB%2Br4STkOFw20LpdQTMClgeHgD9FVrsZgX%2FiKhfIDXWFDHvMSc1Iy5TZfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
828319085 853903456
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f931c87-AMS
4939-f8fcb3259bc07c87.js
decrypt.co/_next/static/chunks/
12 KB
5 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/4939-f8fcb3259bc07c87.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7e8bb4e11b8f596241df31a341a3a401652b92abdc68a3b6f58cc50f1d5f383a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
3705988
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 14:30:09 GMT
server
cloudflare
etag
W/"3186-18a4c006568"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cX70knSDBcaJQzEleFHUbsn%2B5bvqH4aV0ELi9iWTZQFVmdAIylPa148dvZN9o4%2F1OyWBcUS2oy19RvlHiw%2FalafYXi9LyGGh%2BpVoviSFwRh6Lt6ifWzuUhuKIkE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
286984794 289603096
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f941c87-AMS
7815-b1bb65d0ab989c33.js
decrypt.co/_next/static/chunks/
11 KB
4 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/7815-b1bb65d0ab989c33.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a035f489dd38394d1c1135c7461b55e4ee51108f71fb3cdf491489a0c4eb1861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
3705773
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 14:30:09 GMT
server
cloudflare
etag
W/"2a6a-18a4c006568"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMzinrjQjXsrwejDvmy9utmwSECWr1lL9rZuKqCEudSLjSLCUlNb3XftmaDPQ6ZZ%2B87Z6S0ojgVm4KP8PmyM9jww2H6EHcDgdCYAz1jACzDo%2BGmO7KZI2pMMs8M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
285257076 291973001
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f951c87-AMS
8130-96e7003ebb359a70.js
decrypt.co/_next/static/chunks/
70 KB
21 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/8130-96e7003ebb359a70.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8ddd7e2bb0c4c1a2dc49b4ab6a3d7b6f9b9c4f574059f1f5ecf4747209d033fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
3705988
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 14:30:09 GMT
server
cloudflare
etag
W/"119c8-18a4c006568"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFc9P8Ocs6rdbfYjiP14anIBVpfmzBTq%2BgGCa3mqeRxtJb6%2FojZYp2N0mCR1vw8msB0n4oxXsr22xjIGd3SmEZTyLkNkUCA9qqjVGxo65PRHReZGS8ZjNL2Yf1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
292686444 292979822
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f961c87-AMS
3763-a73ff2b7f766d7ec.js
decrypt.co/_next/static/chunks/
8 KB
3 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/3763-a73ff2b7f766d7ec.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4b6dbc71e6e29f04d48cb830748025f0c4c2428cbdaab7675b3dae6f202bacd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
3705988
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 14:30:09 GMT
server
cloudflare
etag
W/"2111-18a4c006568"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cIWCW2F9TwpncBbbf7vNOwcXOQUGhYdR3gaI5iqDTXn28rFgfBbCKGCeCFOtnSJRqMk%2Bi8jfIddQkKKDCh%2FZfA%2B8oEY%2BHOei1sj65roAlUldnQrdiHjxowaXcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
293308011 292754835
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f971c87-AMS
post-f8d5bded455d50f5.js
decrypt.co/_next/static/chunks/pages/
107 KB
30 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/pages/post-f8d5bded455d50f5.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3531a6038d8c443a058d56a478b947afeb7b0e472a9e4f9069baf654b19d97a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98110
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"1ab6f-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FqZd7NF6wG0xcRk80P9ikKJARWKFU1U3Wvk0q4zqWs7ThALG5D%2F5i%2FEbpR1O%2Fws7Ej6kI8ePctfzy2JDFIFi7EslAWTi67Zdu%2FCtASs6zQjsZ2Fz%2B8QkJ4zKto%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
679129565 686293330
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f981c87-AMS
_buildManifest.js
decrypt.co/_next/static/UdoQzlez9ugM0WBbF_tMv/
9 KB
3 KB
Script
General
Full URL
https://decrypt.co/_next/static/UdoQzlez9ugM0WBbF_tMv/_buildManifest.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
34de3c28ebc456ce336489e8cea9ae56762fdb1e7691c2a080b00256c98925e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4728
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"25d7-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Crzlm8fAG3tUIV8kVwwKmTLYavi5jR1bOPRBHNrTtBKcrkkC5dhY2PpcicNkJIUyNxjCKR%2BdbWAKFbAiti3%2BMTZVLV6kpSBPI0%2FrkaHMuT25OwuA2eMjL%2BG%2Fr%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
943448769 941879231
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f991c87-AMS
_ssgManifest.js
decrypt.co/_next/static/UdoQzlez9ugM0WBbF_tMv/
103 B
484 B
Script
General
Full URL
https://decrypt.co/_next/static/UdoQzlez9ugM0WBbF_tMv/_ssgManifest.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
792318d91d50f2a952e08ec9ad3a4c081d969d62730ef9d4a567da45c8ad635d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4728
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:37:17 GMT
server
cloudflare
etag
W/"67-18b289ca748"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArgVEv%2BO32FJzhuGQEWL%2BYbYXwvpA22R1RqTzemFeiMeZL6n9miceb7kKZdBdXcyJCPzhQec%2BNyiCKueHUMkDQRgoDtH4ae24plNm7RUkz%2FMfjrMLAFas3vr6hY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
943610783 943209359
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf23f9b1c87-AMS
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=ktq8geq&ht=tk&f=5022.5310.5416.6773.39347.39348.39349&a=548490&app=typekit&e=css
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
last-modified
Sun, 10 Sep 2023 12:39:23 GMT
server
nginx
etag
"64fdb8fb-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
v2ihn2b_QOLfG-xGKuMmPd8mQ_W8jw1FLMJrA0B_4cOAIvYKbIqqeAcQ3
superficialspring.com/
68 KB
24 KB
Script
General
Full URL
https://superficialspring.com/v2ihn2b_QOLfG-xGKuMmPd8mQ_W8jw1FLMJrA0B_4cOAIvYKbIqqeAcQ3
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.134.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.134.111.34.bc.googleusercontent.com
Software
/
Resource Hash
bac904b324ab632c983d652fab88f57bc606e75b3fd99842bb9fdd816c63863a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 13 Oct 2023 12:00:20 GMT
x-datacenter
gce-europe-west1
etag
"1e2c7534ecc90f88627e6253a44b4dacf4aebb37dc5f5445dce58a3aacfe8087"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-f2l1
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1033761249
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gtm.js
www.googletagmanager.com/
147 KB
56 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGBFBTX
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d47b539472c50c9136f0a7d0c64e3d0d5c4d1812e194f76ffe45dee255e59ae0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
56883
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Oct 2023 12:00:20 GMT
rollbar.min.js
cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/
76 KB
23 KB
Script
General
Full URL
https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5aded642b1abb82543fe9109e8941ecf20187725e620f653e5a4493f98bfd682

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 14:57:47 GMT
Content-Encoding
gzip
Via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P3
Age
1371754
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 01 Jul 2021 16:33:06 GMT
Server
AmazonS3
ETag
W/"f4ef0fc94cceeaf341a6a37b71e53140"
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=30672000,public
X-Amz-Cf-Id
_bmS_6t8ju3ssJxuEFM1RntffUxA_snnp9c0H8KA7ENaHv0mzpUhwg==
truncated
/
78 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54452be992ca4a705e9b73377641b1a9d38df3b08e87b79c305a9214399f44cb

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
78 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e35355fd108a997fcc1cd4ea3e24bb38e798fda6948b9e3ad4f3b77d59fad980

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
waves-bold.png
cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/
1 KB
2 KB
Image
General
Full URL
https://cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/waves-bold.png
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e90f4217307d48274ca388de4746a2a91ad1a49774ed7c341cc6319b146298ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
185056
cf-polished
origSize=2555, status=vary_header_present
x-cache
MISS
content-length
1344
cf-bgj
imgq:85,h2pri
last-modified
Mon, 20 Feb 2023 09:36:30 GMT
server
cloudflare
etag
"63f33f1e-9fb"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVNIkVjEF2b%2FbijGtlyK%2BzN5flxvv6zjfLvIlPiji6ufAyvzBbUxBExk0EHCHSlKA6OD3Zy2jGPYv%2BIPEeF0LafO3L8JiKU7T25A1pjKGhFjlTSQTMo61HRfDLAfrfeQ"}],"group":"cf-nel","max_age":604800}
x-varnish
476152131
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
81576bf3b8b31c87-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
l
use.typekit.net/af/3058a4/0000000000000000773599a9/30/
38 KB
38 KB
Font
General
Full URL
https://use.typekit.net/af/3058a4/0000000000000000773599a9/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
48a65b54ac1a5135f0684958f16fd517109b2d20784872044727a7e56fc1d8cf

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
server
nginx
etag
"a8ee95f6a0441cd36fd0f7c8e0cb6398f0fcec8a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
38548
l
use.typekit.net/af/ccb3f3/000000000000000077359996/30/
39 KB
39 KB
Font
General
Full URL
https://use.typekit.net/af/ccb3f3/000000000000000077359996/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i5&v=3
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d3854f9aef9bb56a35fc2862f04a164db1fd159f7c8187d9263018e204527408

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
server
nginx
etag
"115128beab300af3f36b409d3b4fcb0ae9306785"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39752
skeleton.gif
static.adsafeprotected.com/
43 B
485 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=zshsa&adnum=189994
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 28 May 2023 02:26:58 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
11957603
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
QB3OnQGIJyQhkUSTIkfTveHlx8R1zh5qx5aUPAPuP5EqhkFiWxOxYQ==
events
spindl.link/ Frame
0
0
Preflight
General
Full URL
https://spindl.link/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://decrypt.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-api-key
access-control-allow-methods
OPTIONS, GET, POST
access-control-allow-origin
https://decrypt.co
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
81576bf6c9b7b4b4-RIX
content-length
0
content-type
application/json
date
Fri, 13 Oct 2023 12:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvZAXfF7GKxk75hNTaWCGIMVurt7GQ4kSPHuE1zCY3aWRtq3pi6RAyfChK1Ga7nmbw7XXe0THPVLDqQeqpkFuIzjTCLUw32oU6Ln0kErDLKGIJUO9ZF7Q04ulxzQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/
255 KB
63 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: delivery.pubgenius.io
URL: https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 11:56:45 GMT
content-encoding
gzip
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:43:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
217
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
ZFoYUdMRzOjoSwm0lsLqxuzJ22lMn-8dohE31ITTpWI2pS4S4s8h7w==
gpt.js
securepubads.g.doubleclick.net/tag/js/
99 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: delivery.pubgenius.io
URL: https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
b13ae7e17fd6685314f4ea71d7c5b4249dd0e39aa8ef6ebc5fc8b9a31d3d6f41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29623
x-xss-protection
0
server
cafe
etag
808 / 19643 / 31078750 / config-hash: 6573106487551255759
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 12:00:21 GMT
config.js
cdn.confiant-integrations.net/zD0iiXW2vc9qgQV-IUxLCFMy84Q/gpt_and_prebid/
83 B
448 B
Script
General
Full URL
https://cdn.confiant-integrations.net/zD0iiXW2vc9qgQV-IUxLCFMy84Q/gpt_and_prebid/config.js
Requested by
Host: delivery.pubgenius.io
URL: https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b3b3ac7c512819ac805a25ddf3876da73c829719c83fc1a9f3f25e50184fd5

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Sep 2023 20:04:54 GMT
server
cloudflare
x-amz-request-id
1XSZNBFJNKQFW36Z
age
380
etag
W/"10b0d46cc90da71e075f7c6bd8ed8fe4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
81576bf4b8e95f15-ARN
alt-svc
h3=":443"; ma=86400
x-amz-id-2
JFauI7E6EgI9vVHs2X7y3iQCvS4Ng7Zo9iy/l7zm72JGq2HfJTD8MoIiX1Dj50IhNljwM8ZxUTc=
286-a3adf36574c1a8b7.js
decrypt.co/_next/static/chunks/
18 KB
6 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/286-a3adf36574c1a8b7.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
14a6885848b1a372754e5e02da3c266d417c309fc767cd7b1a5614b02a934cf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98107
cf-polished
origSize=17988
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"4644-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARjf%2BIZDdVqlDDrqxbWbDWG3RrSf0qlUdRwwfgZN5UXO8RqzNNsw44e9qHKtq%2BFQDCQ7qfbMA4E%2BICOMUAOvQQDr6Q9kyDR3GD8GqT5qG96TBuMQ%2BtIV%2FGPmGS4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
685213326 669963343
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf60ace1c87-AMS
9299-531dea2c510c20dd.js
decrypt.co/_next/static/chunks/
118 KB
31 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/9299-531dea2c510c20dd.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3c43a5fff386efad93d29366d9ea242706f6651359d2fe7eda0fc88555fbed9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98107
cf-polished
origSize=121377
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"1da21-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cK4drfLybPV8hBwjSW5KE8c4IECo5dOoBFJpR%2FElT5dUDjFOovL37WQ3MLosfNDhCmZuAsJHncTZyOGqyM%2Fu1RHyRk1QqdX%2BVX8un8pi3aQK5XtdxcDXsMnCeaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
687376288 682272834
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf60ad01c87-AMS
7853.19f854fa776acb67.js
decrypt.co/_next/static/chunks/
207 KB
58 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/7853.19f854fa776acb67.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ca08a0844550cab6d8639a4c694a1697056bef8009a5bb27cab645a8106c1786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
600020
cf-polished
origSize=211897
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 06 Oct 2023 13:06:55 GMT
server
cloudflare
etag
W/"33bb9-18b05192198"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdhFN3lA2fiYSR79BlUk41s2DV6cMpMcoudyKMULCeOvOem8iLoO4u4dqLuSr0wt6Litp2XZ23HpB4TzEW5QsEepuh8Z6Pcs3cdX6ZvAzrPc%2FGOoylQ643tkE7s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
223610316 223477764
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf60ad11c87-AMS
events
spindl.link/
0
0
Fetch
General
Full URL
https://spindl.link/events
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
X-API-Key
4a88f6c0-05b8-4a50-8baa-c765daa87054
content-type
application/json

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wlxw5WHIheZ8SSsiPuWMeNVt64Vva5ahqhjnHyCRTqN7n3ZwTuZtiA8Uwd8orJuIxWV6dGOPIF3ztE5xW7wzZPp6d7hrRw8gDSNqRLMB%2BjQ4L9XRc3FlFRCoF7aX"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
access-control-allow-origin
https://decrypt.co
content-type
null
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
81576bf7786cb80f-RIX
alt-svc
h3=":443"; ma=86400
/
api.rollbar.com/api/1/item/ Frame
0
0
Preflight
General
Full URL
https://api.rollbar.com/api/1/item/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.81.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
77.81.201.35.bc.googleusercontent.com
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-rollbar-access-token
Access-Control-Request-Method
POST
Origin
https://decrypt.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-rollbar-access-token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Oct 2023 12:00:21 GMT
server
nginx/1.17.9
via
1.1 google
x-response-time
0.141ms
/
api.rollbar.com/api/1/item/ Frame
0
0
Preflight
General
Full URL
https://api.rollbar.com/api/1/item/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.81.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
77.81.201.35.bc.googleusercontent.com
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-rollbar-access-token
Access-Control-Request-Method
POST
Origin
https://decrypt.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-rollbar-access-token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Oct 2023 12:00:21 GMT
server
nginx/1.17.9
via
1.1 google
x-response-time
0.287ms
current-user
api.decrypt.co/api/wallet/users/ Frame
0
0
Preflight
General
Full URL
https://api.decrypt.co/api/wallet/users/current-user
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://decrypt.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://decrypt.co
age
0
cf-cache-status
DYNAMIC
cf-ray
81576bf8eb27b97a-AMS
date
Fri, 13 Oct 2023 12:00:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMl3E9gWNIz0IFzy%2FKulkj3W4jilvxPTS1ELpRqU51WT8E4dmftK4r21KPG%2Bxz4ngVusVSHFQ3feedQIiGvMLgCqQQd%2Bmlb7mjXQg%2FZkKh%2FPNmLjtJUWEL9v9qVeyv3K"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers
via
1.1 varnish (Varnish/7.0)
x-cache
MISS
x-content-type-options
nosniff
x-varnish
941453117
country-code
api.decrypt.co/api/
89 B
455 B
Fetch
General
Full URL
https://api.decrypt.co/api/country-code
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a865a5549152ebd0530fa3c2ee42bfa06cb16b952a2373e0bea3d393df63d72e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
MISS
server
cloudflare
etag
W/"59-RP8EpPv6qNnn/8ZaesHRXb2zcb0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H10ZUiVK7da2WrvzkLmtXrD5%2B%2BKf96aselaaMzqvaIlaA%2Fk4xzTiYhjJdYAykWJno89q9XHM8yHvqWCNX8AuJahEHPmyakQqlL%2BXxOCh%2BjOaJVGRrllGditly4T0OLIb"}],"group":"cf-nel","max_age":604800}
x-varnish
947667723
access-control-allow-origin
https://decrypt.co
content-type
application/json; charset=utf-8
cache-control
public,max-age=0,s-maxage=0
access-control-allow-credentials
true
cf-ray
81576bf8eb21b97a-AMS
/
api.rollbar.com/api/1/item/
125 B
209 B
XHR
General
Full URL
https://api.rollbar.com/api/1/item/
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.81.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
77.81.201.35.bc.googleusercontent.com
Software
nginx/1.17.9 /
Resource Hash
b64327cd65d0b974313324e717eba7e8f6604378f848e86e2becd1a317c3ba8c

Request headers

X-Rollbar-Access-Token
52e9e596a28e49c5b91648f7ac0af4dc
Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

x-response-time
25.596ms
date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 google
x-rate-limit-limit
50000
x-rate-limit-remaining-seconds
42
server
nginx/1.17.9
x-rate-limit-remaining
49973
etag
W/"7d-PH9Vq7T3GmISuVLKj0kNng"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-rate-limit-reset
1697198464
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125
/
api.rollbar.com/api/1/item/
125 B
344 B
XHR
General
Full URL
https://api.rollbar.com/api/1/item/
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.81.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
77.81.201.35.bc.googleusercontent.com
Software
nginx/1.17.9 /
Resource Hash
b64327cd65d0b974313324e717eba7e8f6604378f848e86e2becd1a317c3ba8c

Request headers

X-Rollbar-Access-Token
52e9e596a28e49c5b91648f7ac0af4dc
Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

x-response-time
13.924ms
date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 google
x-rate-limit-limit
50000
x-rate-limit-remaining-seconds
42
server
nginx/1.17.9
x-rate-limit-remaining
49974
etag
W/"7d-PH9Vq7T3GmISuVLKj0kNng"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-rate-limit-reset
1697198464
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/pages/_app-29b376bf10c9dcff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 11:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
528
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 13 Oct 2023 13:51:33 GMT
js
www.googletagmanager.com/gtag/
267 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S6XJW9326S
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/pages/_app-29b376bf10c9dcff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
633022787a1ea491c2f88f4b54bd670da0bd0a4980ac67b113ab351845b66b9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90645
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Oct 2023 12:00:21 GMT
fbevents.js
connect.facebook.net/en_US/
198 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 13 Oct 2023 12:00:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53364
x-xss-protection
0
pragma
public
x-fb-debug
8X96ciSZ+EPJeOyhQwEb+RmkWc6VBxxFN9VHdcFaZs3A8bahh6xdXrI1Uo8JsLfi1JgioOo1tDryHMa5ZoXhxg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
267 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S6XJW9326S&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGBFBTX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b78a770b2c0a51d0c35dff997247466171c251f5d54c4e701431bfd1cf1771d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90784
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Oct 2023 12:00:21 GMT
cid
api.decrypt.co/ipfs/
130 B
466 B
Fetch
General
Full URL
https://api.decrypt.co/ipfs/cid?path=%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58bdcb1138e327954de2579afab2746e3bebcc5168889c5c4f0e1a072410f7a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
MISS
server
cloudflare
etag
W/"82-LgZ7VM9a7kyrJg28fWa4JQy4o8Y"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7976SEBobfKLjZIa48K6%2FzGSB%2FMMb6xPG7POTnT6ADETY48WHZNfTPwU%2FE5WIU7aAdacngcNIz9caJmqXDGJm22vjEF5sDl3zfDfQw%2Bpdqms%2Fkxvbi0b7xhlRTEGW6dp"}],"group":"cf-nel","max_age":604800}
x-varnish
948733043
access-control-allow-origin
https://decrypt.co
content-type
application/json; charset=utf-8
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
81576bf8eb26b97a-AMS
v2.min.js
w.mmin.io/embed/
13 KB
5 KB
Script
General
Full URL
https://w.mmin.io/embed/v2.min.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1117eb7050965648e6e283a9dcc688ee13e3ac8555f286732d82fa63dbd06d1

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 9b50161b0654f8123e6c8e0585e35ade.cloudfront.net (CloudFront), 1.1 7599c9263666c70e7c78c161a02a07f8.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, HEL51-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 20 Sep 2023 09:20:08 GMT
server
cloudflare
etag
W/"b549e507b8f9c150146993794c96f54c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LS%2BYAapo19rNG8llr9MQE0I%2Fn7%2BSXhJwe%2FIen5iw66dt3zdv9yCQ8KzoYCIJIFjhBgJIbGcEjEgxRMV4Z%2Brurx45tU%2BxHnSbU1Fn52OM0IKQX5HYe46%2F1Fp%2F%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, s-maxage=2
cf-ray
81576bf8db60b807-RIX
x-amz-cf-id
TovDnHZiSdrqH6h3epG-hHLyE1ONY1ipBp-tGTfLs1qpaRYemCzw2w==
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/7582-add58cc251144932.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
405
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81576bf8cde52e07-ARN
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 16 Oct 2023 12:00:21 GMT
optimize.js
www.googleoptimize.com/
126 KB
49 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-KNW58XR
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
3f442ff88e8a65622fac2d796750ff92a14fe177b3250ca335acaed8c0bad926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
49754
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Oct 2023 12:00:21 GMT
tag
btloader.com/
18 KB
8 KB
Script
General
Full URL
https://btloader.com/tag?o=5768545745502208&upapi=true
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd09d1d739d15f9d6ee30bc243d1e9ab5c847846a05e58ab0411e47b5a6b6569

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 11:12:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2716
etag
W/"11cc8a9d515354a059a49d5730e7bb08"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTPgToIXl%2FIh9uDrbOb0O%2FOqZ43c8X0Ghw3vYXm1wyIdk64SqYaQXahn4wIBf6eZiu5t7UUb7imwRvSBv9fHl0slm5ZVg8byv5S9%2F58MSY3iER7VbB1EXOswQ%2FgfVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
81576bf8fc170b7f-AMS
track.js
assets.customer.io/assets/
7 KB
3 KB
Script
General
Full URL
https://assets.customer.io/assets/track.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5dc250228b63ec45ccaf25c7c7b9103a504bd5ebed035e88067475076c4b78d

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
YnPUbk.59KSLpiqsKMfvCCZt1qaij9rt
content-encoding
gzip
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 04:59:49 GMT
last-modified
Fri, 11 Aug 2023 18:01:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
25233
x-amz-server-side-encryption
AES256
etag
W/"92f4f643083ddfd3fc572a181243cb46"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cross-origin-resource-policy
cross-origin
x-amz-cf-id
aQiR1D4aizEidDHHIo71ni1s2IBEwejwwDN90ZgS5lz27Fcqxsh1zA==
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100147-IAD, cache-fra-eddf8230125-FRA
current-user
api.decrypt.co/api/wallet/users/
104 B
470 B
Fetch
General
Full URL
https://api.decrypt.co/api/wallet/users/current-user
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294d8ec4e12dcb71f62de0ddea4363ae35de57520cadc0e728d9d756d56525a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-cache
MISS
content-length
104
server
cloudflare
etag
W/"68-TUIH/nwtUM+gwnWaEkxmtxiZt0I"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfC2ceMhO8gKzpYmtNDiFQZLeBOPgBVV4deMUSlBCfAgKTOqRMOx%2Fe%2BUDFrIcPwZgUaCn2niA0WWteyC9xNhWlKiV5b8CfgcKwcHmLbwP6FhzAMs9nJcxRD5wbnCJc9%2B"}],"group":"cf-nel","max_age":604800}
x-varnish
946351225
access-control-allow-origin
https://decrypt.co
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
81576bfa0ea31c87-AMS
8340.710533d78a122c33.js
decrypt.co/_next/static/chunks/
1015 B
1 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/8340.710533d78a122c33.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8324fd56c49588d8097cb72b2284cae5bee4ab3922b73e448e3bd61aee32b107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
7509427
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 18 Jul 2023 13:58:38 GMT
server
cloudflare
etag
W/"3f7-189694bbab0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLKRgO7K6jJ6%2BGyuVJLGu2PQbhKAKzAl2C4XfOgxRzMGIeWY6o4gENkeyhrrj2yTobcsl8oBg5vB6WBDZN5yxQmNXHsEmduXbBhuHOS0GkPFXikZyZIX%2B%2BRlH0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
40109710 38237857
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf86d291c87-AMS
8407.a86a0a04982b592b.js
decrypt.co/_next/static/chunks/
2 KB
2 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/8407.a86a0a04982b592b.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
551c48f82182b638fab2409909b7ca6a95aea4c955f1666aca108ce2fa0b14a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
600020
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 06 Oct 2023 13:06:55 GMT
server
cloudflare
etag
W/"7ef-18b05192198"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6ZgNcBeup1bVfhAafI6Hsu3RNbv8NYb%2F%2FDMkhDCR3wbw8y66kQ2pevaPF66jvbjlinbUgCgfmGHkAzdnZD3NxU8fpWYUV%2B35lpdtB5zZcH2yLq9wCVd4K5G%2FCY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
218924417 205694390
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf86d2b1c87-AMS
7817.6684d3d4bcc790c2.js
decrypt.co/_next/static/chunks/
5 KB
2 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/7817.6684d3d4bcc790c2.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e5b0c5d02a95533fb348d11c1e2850264c849960249487671d221bdef2eba502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98105
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"1293-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzzlAVF2QNDJzp%2Bv1JQiNSV1HUbLMwu8RHyBndu%2B2%2Fz8SrFoRqfND2GM4wClnKfWYmliyohNqyxzG5qqIA0OlDfLy33Tzu1MSQG%2FH42qcZ8vhuQO6bDr4ltwLRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
685606799 669414286
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf86d2e1c87-AMS
3158.a9229a6271f31356.js
decrypt.co/_next/static/chunks/
903 B
937 B
Script
General
Full URL
https://decrypt.co/_next/static/chunks/3158.a9229a6271f31356.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fbbd05d1c065e3acffe7cd9dd1d4e8e46050efa5a6714f1844abd3954c83fd5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
21837643
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 02 Feb 2023 17:56:31 GMT
server
cloudflare
etag
W/"387-1861345dc98"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYF%2FoSRRGH0Bo68yMcyXAXMIw9V48Fs2zcEKO07IDoPYfm1d3%2FRzVwy79MqfZ8B3eM1OAR908ANh%2B6NSHDcQRNjEKXS2RN5SjJuAw6FDgYhzx1tCo3J%2BDs%2BaXNk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
566369484 566757687
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf86d2f1c87-AMS
1145.8eb8d3229d2fcb87.js
decrypt.co/_next/static/chunks/
8 KB
3 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/1145.8eb8d3229d2fcb87.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1364d97985fe30ebcc891c7435e03e7e615895c63a94fe07d913072599cd23a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
21837643
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 02 Feb 2023 17:56:31 GMT
server
cloudflare
etag
W/"2176-1861345dc98"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcebG0znPobxZsD3ZGz48qrwJ0Crx6t2GDBtwqdKO8dXN8qJsCaosOYA3MvUmU%2FJIZT1io0m3OgN%2F48LV6olfLicUqdiIuYpv9%2Bvc%2FLEviYY%2Ba3T5%2BVrlu5PJbY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
566369485 565505686
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf86d301c87-AMS
8314.2c369d429ed315bb.js
decrypt.co/_next/static/chunks/
2 KB
2 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/8314.2c369d429ed315bb.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7c034b19f711fd6e88764869010c5cccb03724a82bedcc75d3f047512ec223cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
12384345
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 11 May 2023 10:14:54 GMT
server
cloudflare
etag
W/"84b-1880a4e7530"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BeM7NHUiPQJxl7sv7m%2Bl3uDhHmiLBXPo2rJQLlasDMBn3%2Blklx%2B8EAIekVK%2BDeVoWUIDMefy8CjvZnQVPrMTQ3on%2F1r0%2FDuQoj1kpo55TegSPoxdQi%2F4hS05BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
72764209 3801490
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf86d311c87-AMS
3874.abbdc8e5a02a604e.js
decrypt.co/_next/static/chunks/
3 KB
2 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/3874.abbdc8e5a02a604e.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5bc1d79e5d9f5efafd0073663e94fb41a423b22ae2996252406d75c560d8d2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
21837643
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 02 Feb 2023 17:56:31 GMT
server
cloudflare
etag
W/"a7f-1861345dc98"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OmvQ8FW2bcdgeF2850HCs2mRP%2BM8Zle8DfT4TL4JTdp3uQjbsn9bY1MqvG%2BI07zBAlmQlAqLL4RylD2iSwlWMckn072j6hlOuG9R4dK0NZrmOCxg%2BPpmOkrG3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
565627815 565505682
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf86d341c87-AMS
5889.65320c4c2fc3a34c.js
decrypt.co/_next/static/chunks/
23 KB
7 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/5889.65320c4c2fc3a34c.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
352485f4f02677cb02d6a7d8a0513f0febe7b5dd2927639e7f86cf692be9bcf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
21837305
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 02 Feb 2023 17:56:31 GMT
server
cloudflare
etag
W/"5cab-1861345dc98"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFwbNg0lIZ5ovLzEMycSzNV9PWXo9oEblG0kY8VoAnnEFX7zSCs66Hvu8WSy97AKoSnJU%2F%2Bt%2Fugtqskpo2ddFSag6G24Nedls7KajtPd9b%2BCK2ZQGZ6jErkuyto%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
563772241 565923525
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf86d351c87-AMS
6504.fbdffca3c6090601.js
decrypt.co/_next/static/chunks/
12 KB
6 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/6504.fbdffca3c6090601.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
99b8813666fe09cf6c177c07819a156266d727b55a0616c37b17b6c16aef2f14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
21837305
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 02 Feb 2023 17:56:31 GMT
server
cloudflare
etag
W/"308f-1861345dc98"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxwhSHM%2FlyLTOVQWIo2LPccm8y7tPsWqU%2BSPkGOx%2FGQ3NHHiBh8H5a180oegWJ6Z3tyxL7AdNlmuzFgyd%2F6mKGWvqh3IQgpmiKh0fvaEMSS8ENH4AfohpScAY4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
565469517 566792679
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf86d371c87-AMS
events
e.api.pubgenius.io/
0
109 B
Ping
General
Full URL
https://e.api.pubgenius.io/events
Requested by
Host: delivery.pubgenius.io
URL: https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.218.80.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-218-80-76.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 13 Oct 2023 12:00:22 GMT
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
/
gateway.decrypt.co/
79 KB
27 KB
Fetch
General
Full URL
https://gateway.decrypt.co/?operationName=AppNavigationBars&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22579be8629218dedc85cfc15de73c5012ddce58b7a884d924e48c2f6f41a85ec0%22%7D%7D
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c109620b3edfc2df29d708157bf593fb78493a59cffd76bb5b444bbea95d58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
MISS
server
cloudflare
etag
W/"13afe-u0fyvXOQqLJxNzt2T+7z1iKrxBI"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOMCd0hfiaye%2B9bmn42qqrsARBPIl5I5U1%2FP4Y0CMSRZP48txQeBRzwTj2bC3VVSJFKaoGMijQCsrJ48sCsFrLC%2BdOrzZTKnDu5xMlKReL49BMuStNJUq%2FkfFFjo4kI%2FddktCA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
948571718
access-control-allow-origin
https://decrypt.co
content-type
application/json; charset=utf-8
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
cf-ray
81576bf8edaa1c87-AMS
/
gateway.decrypt.co/
10 KB
3 KB
Fetch
General
Full URL
https://gateway.decrypt.co/?operationName=CoinPricesBanner&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22826437b8515b6e0147e15ec76104dc33d8514621cc9946cdd3a409008c738425%22%7D%7D
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2041c24e7dc56491e651ffbdad24826c70f1b8e81e9aa10f7ebfc0128300f512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT
server
cloudflare
etag
W/"28ed-BkzlQz+jUnMugZla8oWKAmD3Skc"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U36NuyB3LVeVplCxZGEwkaD7puxHOLV%2FrSmCjD2i45zFTEp2cceRi5GC0BAwNyCC2ycDErVQb9YJL%2FcDwmPJ%2F1S7zx9D13fSL6etXodj03EkOkRasGVmxr8luWnIW9bRU%2Bc4LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
947502321 947245234
access-control-allow-origin
https://decrypt.co
content-type
application/json; charset=utf-8
cache-control
max-age=300, s-maxage=300, public
access-control-allow-credentials
true
cf-ray
81576bf8edab1c87-AMS
/
gateway.decrypt.co/
3 KB
2 KB
Fetch
General
Full URL
https://gateway.decrypt.co/?variables=%7B%22id%22%3A97887%7D&operationName=ArticlePreviewById&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22642ebcab05648e3b9af9eacf3d5e545f8ccf79ede9a27572ea9b06274fb49e67%22%7D%7D
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7a473af21bbf29247002d310fa65cc9a04ae63c02c343a36c0a5e7dc1cc22e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
MISS
server
cloudflare
etag
W/"b64-tLV01Y9DkHc+p5nR9ueX6MPUSTQ"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqzkfDrP2RU5enBSdamvqVwHW8cLHBVBvrvpl5sPti62AFOoTw78qDqk3KFlthBAmG1uuZ%2FZ7LNZZ2aF%2FIFdWPnAf4nQcThfIw%2BZkg2M1dNprlUVtocHWyOdaygB7JQDzY7nuA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
946330089
access-control-allow-origin
https://decrypt.co
content-type
application/json; charset=utf-8
cache-control
max-age=300, s-maxage=300, public
access-control-allow-credentials
true
cf-ray
81576bf8eda91c87-AMS
/
gateway.decrypt.co/
3 KB
1 KB
Fetch
General
Full URL
https://gateway.decrypt.co/?variables=%7B%22id%22%3A117695%7D&operationName=ArticlePreviewById&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22642ebcab05648e3b9af9eacf3d5e545f8ccf79ede9a27572ea9b06274fb49e67%22%7D%7D
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2fb88aeb6d9ea6c1d954838ab01df3532789ae6ff6fe8bafd663595d948633
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
MISS
server
cloudflare
etag
W/"a15-kPsS5kE31o+MHz9nBPb7pm4M1Dc"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EI9xSkOdv%2FMzDL7DM%2BvifVJBRqko%2FQ4TIQ5HJlwumPo7Udg56X51xZyzI8yvNdebZ70nb%2BzkdKBri9XdsxaKLKSAcV4rGWLZbw06VD7dTd%2BvKeskg6DsepyVUXWcu7yanU84TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
941453125
access-control-allow-origin
https://decrypt.co
content-type
application/json; charset=utf-8
cache-control
max-age=300, s-maxage=300, public
access-control-allow-credentials
true
cf-ray
81576bf8edac1c87-AMS
/
gateway.decrypt.co/
7 KB
3 KB
Fetch
General
Full URL
https://gateway.decrypt.co/?variables=%7B%22filters%22%3A%7B%22locale%22%3A%7B%22eq%22%3A%22en%22%7D%2C%22id%22%3A%7B%22ne%22%3A119861%7D%2C%22category%22%3A%7B%22slug%22%3A%7B%22eq%22%3A%22business%22%7D%7D%7D%2C%22pagination%22%3A%7B%22pageSize%22%3A3%7D%2C%22sort%22%3A%5B%22publishedAt%3Adesc%22%5D%7D&operationName=ArticlePreviews&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22351390d5c63a5c435a0da79c321df5f83b7de3aafcfa6c0db9993f6ce1255b76%22%7D%7D
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fac9a6c7df35b075a0ae3c7873e9b34910f17bbd1556ff0fbe3275a84e58698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
MISS
server
cloudflare
etag
W/"1db0-dxLBUZs6lFl9J67y0nqblK5BzRY"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHMJTftLafZo2nWh3rpnuhElN2l71RrftowrX%2FReom9UB1i0roYxOQKYh8nnMW0FFMMWguCrdBtGKrzmL1LLg2t5%2F1fi%2FoCSiMxH59rt36JYUPg1l5DDEPFAyPRtYFPHd8P6pw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
946526108
access-control-allow-origin
https://decrypt.co
content-type
application/json; charset=utf-8
cache-control
max-age=300, s-maxage=300, public
access-control-allow-credentials
true
cf-ray
81576bf8eda81c87-AMS
decrypt-mark.png@webp
img.decrypt.co/insecure/rs:fit:64:0:0:0/plain/https://cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/brand/
3 KB
3 KB
Image
General
Full URL
https://img.decrypt.co/insecure/rs:fit:64:0:0:0/plain/https://cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/brand/decrypt-mark.png@webp
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b1476888e97d03bc36e4b8f28cb89379d2efb525f488e0fbe3e129a364a20ad
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
content-security-policy
script-src 'none'
via
1.1 varnish (Varnish/7.0)
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
280447
x-content-type-options
nosniff
x-cache
HIT
content-disposition
inline; filename="decrypt-mark.webp"
content-length
3120
x-request-id
ec434da453eb09cc74011b9f20713e41
last-modified
Tue, 10 Oct 2023 06:06:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tuEIxGAvQMTepUgNQAQPoGuudjcH7Cp6Un7ReP5YoEiwe9ybdqOq0SyjrcAGCsIxgd5VduUgxJh8t4olKDwQSQHVMhYD5JTppeqkoiGFAmm5EcHCZwXKXxmEao4nle4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-varnish
1567258 405328196
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
81576bf94dec1c87-AMS
expires
Sun, 06 Oct 2024 19:16:59 GMT
decrypt-mark-light.png@webp
img.decrypt.co/insecure/rs:fit:64:0:0:0/plain/https://cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/brand/
3 KB
3 KB
Image
General
Full URL
https://img.decrypt.co/insecure/rs:fit:64:0:0:0/plain/https://cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/brand/decrypt-mark-light.png@webp
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6442aad14e5b3c31e93b71c361b08fd971c75b2280f7d52056bd3aac49e501c3
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
content-security-policy
script-src 'none'
via
1.1 varnish (Varnish/7.0)
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15276453
x-content-type-options
nosniff
x-cache
HIT
content-disposition
inline; filename="decrypt-mark-light.webp"
content-length
3154
x-request-id
16475bb5b5397bd7bfeaa5c433364571
last-modified
Wed, 19 Apr 2023 16:32:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXPO7SjqcQtUSO7zz9Uw8nnW1rke7HISK8uxmw57PG6wjP6Oc44sc5k6EWGWqeKIBV%2BRnCBgsTBG1DIw5sbcQP9y7R5Ydo8BUFOAshepDeC9GD3TZerXXh1v4TRspn9R"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-varnish
1051518 199036
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
81576bf94ded1c87-AMS
expires
Thu, 18 Apr 2024 16:22:42 GMT
decrypt-word.png@webp
img.decrypt.co/insecure/rs:fit:256:0:0:0/plain/https://cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/brand/
5 KB
6 KB
Image
General
Full URL
https://img.decrypt.co/insecure/rs:fit:256:0:0:0/plain/https://cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/brand/decrypt-word.png@webp
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15980f132588c91083fd8600c1572f936a8df921bf3e63f0e97305b048a7b10d
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
content-security-policy
script-src 'none'
via
1.1 varnish (Varnish/7.0)
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2803683
x-content-type-options
nosniff
x-cache
HIT
content-disposition
inline; filename="decrypt-word.webp"
content-length
5478
x-request-id
5518fe39841a30feff6b031205a2b72c
last-modified
Mon, 11 Sep 2023 01:12:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmBJC4wEN9ZbW4lcnp3zF40dEnaV5UVe4nkR%2FFKFN9AbOkvMm5ABnvIBXZBYF8ch8BNunWWvAP4hws3N%2F8JEP4tEuHZlaZpW6mN%2BL1%2FpjIVEChX731%2Fl3d%2BMnMbveuwT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-varnish
610045390 4359962
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
81576bf95dfe1c87-AMS
expires
Sun, 11 Aug 2024 21:32:57 GMT
decrypt-word-light.png@webp
img.decrypt.co/insecure/rs:fit:256:0:0:0/plain/https://cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/brand/
4 KB
4 KB
Image
General
Full URL
https://img.decrypt.co/insecure/rs:fit:256:0:0:0/plain/https://cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/brand/decrypt-word-light.png@webp
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4e845bcc008de8e28592d2c4d67050fafc6d5a6dbe2ea76b6039d377c7f4d5
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:21 GMT
content-security-policy
script-src 'none'
via
1.1 varnish (Varnish/7.0)
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7150317
x-content-type-options
nosniff
x-cache
HIT
content-disposition
inline; filename="decrypt-word-light.webp"
content-length
4064
x-request-id
0a06cbac1af0e9d7b8ff4e366bc9636f
last-modified
Sat, 22 Jul 2023 17:48:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xb3x1n2zBFHwekFIyvVwF7tpdLddm%2FujYAS1N2034xouSaI7hZ0jjOlkqJceoYInBu%2FhfrwqvEstofPqUxpphb5Mve7hti0Bu1Eb4TH76ADiUOoCvY2tvCGigzNbI4qV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-varnish
314398837 1704868
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
81576bf95dff1c87-AMS
expires
Sat, 13 Jul 2024 08:56:30 GMT
truncated
/
78 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86e827ed134d0d3463516287888e1d5bc0e48029519e82b977b41d86e4985a25

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
1ce5cb1e-d0d8-4aca-84a6-5a0f9f8af593
config.aps.amazon-adsystem.com/configs/
537 B
812 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/1ce5cb1e-d0d8-4aca-84a6-5a0f9f8af593
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
838a3132953125c5fb4deb7f199df47f4596aa2380d672f9c322dca8367c1817

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 11:49:46 GMT
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
636
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
UPOr9OxV5INC10S2CdpWSPeYctoSJJk01XgMQ9utOWAPqAMMz7A-Qg==
config
c.amazon-adsystem.com/cdn/prod/
0
307 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdecrypt.co&pubid=1ce5cb1e-d0d8-4aca-84a6-5a0f9f8af593
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:02:00 GMT
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
10702
x-cache
Hit from cloudfront
access-control-allow-origin
https://decrypt.co
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
-7WHG4a34EULJSS67tagywHvKn0Zl-i2HSa_EANoRv7TXkBpc_Bu_A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 05:14:08 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
24375
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
AGUttYQWEQ0BAqYghR-vtQby6ZwnAl0_eIXvt1kF8qXL_skU7EN4Vw==
decrypt-mark.png@webp
img.decrypt.co/insecure/rs:fit:32:0:0:0/plain/https://cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/brand/
2 KB
2 KB
Image
General
Full URL
https://img.decrypt.co/insecure/rs:fit:32:0:0:0/plain/https://cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/brand/decrypt-mark.png@webp
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9770fb981bd8655645d079cf5cb917e8024ee57858e1e4bfddb0d90d4b4dfb33
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
script-src 'none'
via
1.1 varnish (Varnish/7.0)
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19015115
x-content-type-options
nosniff
x-cache
HIT
content-disposition
inline; filename="decrypt-mark.webp"
content-length
1558
x-request-id
c083341f908a254b737d45f4aec6aee2
last-modified
Tue, 07 Mar 2023 10:01:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGc15XiTl7lsuhBj5rI2xnBIVpvH81RgiiIyRHtg3Toae%2FtdpYfUs%2BOF8qvKK4tI0f9YxKNtFb5PJ97MiUIqi5AUo1rd6Sqx8Rist9g7Y%2BqaILlxbVmpO7r8fX%2BLwrm1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-varnish
186094152 147412887
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
81576bf9be481c87-AMS
expires
Wed, 06 Mar 2024 09:59:37 GMT
favicon-32x32.png
cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/
934 B
1 KB
Image
General
Full URL
https://cdn.decrypt.co/wp-content/themes/decrypt-media/assets/images/favicon-32x32.png
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b61d67cfb38ba82f7b4e1a8ef74076448c58e31fad7078fc2c9d9f2c8d92669
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
184818
cf-polished
origSize=3312, status=vary_header_present
x-cache
HIT
content-length
934
cf-bgj
imgq:85,h2pri
last-modified
Tue, 01 Nov 2022 09:37:21 GMT
server
cloudflare
etag
"6360e8d1-cf0"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etCr1J3xqOKnIURLXMHtsVtBoGfuFOVVSFi7qWu6GfqJgTQanupGEEh0BkDD7IpDdJMp7jLE2Um2%2B86Ie%2FWGNYF5jnd7Qob0QFjeRzVCBcAqC7ImaCXt%2FLonEBohc4rT"}],"group":"cf-nel","max_age":604800}
x-varnish
476415332 333579
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
81576bf9be491c87-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
unnamed-300x300.jpg@webp
img.decrypt.co/insecure/rs:fit:48:0:0:0/plain/https://cdn.decrypt.co/wp-content/uploads/2021/10/
1 KB
2 KB
Image
General
Full URL
https://img.decrypt.co/insecure/rs:fit:48:0:0:0/plain/https://cdn.decrypt.co/wp-content/uploads/2021/10/unnamed-300x300.jpg@webp
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ccdec87ec6292a3fb72ebd993074b9bd6959c431d5f6d287494f520b06a394
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
script-src 'none'
via
1.1 varnish (Varnish/7.0)
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543106
x-content-type-options
nosniff
x-cache
HIT
content-disposition
inline; filename="unnamed-300x300.webp"
content-length
1084
x-request-id
ef91bb542f2a7f99ed009bbeb962ec32
last-modified
Sat, 07 Oct 2023 05:08:36 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ldl97rgZhYLf0hEt5QrOPGq96StKj1McHISaZ422qgmsYUFviUl7AhuXXsqO1antTS6qeneFDHDDHKVYKbmYjCDcheLb%2BqvUE17qhtiZksSqmtrh37RuvkSNwSWPFDwI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-varnish
343938139 113677631
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
81576bf9be4b1c87-AMS
expires
Sun, 29 Sep 2024 16:34:36 GMT
2586-aedaebab88f808e3.js
decrypt.co/_next/static/chunks/
0
9 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/2586-aedaebab88f808e3.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4586
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"68d1-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alOAxlcrDWSPQAFE98CJwMWiIE9dmxIZ3gwLwqUMfeKvwRBK3TR5IhISKIhGacah5louSR1Nh4aOxQMxBepc18vuu42OG2aUBhc8l2rUZbbND1fOrsTCTboIP1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
945793822 946146261
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de631c87-AMS
6541-a202304ddff842cf.js
decrypt.co/_next/static/chunks/
0
5 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/6541-a202304ddff842cf.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4408
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"39ec-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0AmQWjCCuaR5Fr2wIyrWyZ3FhdLMUU3cbm3e%2B714CN2YSHaCSu4yuY9p19ota%2BVAz5tN2UPUz5TKaIOqZuvavh32kBV205CNTeyQLyoGQGnh0PORE6AVqNahDk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
945857917 941292765
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de661c87-AMS
category-cddd81d417c702eb.js
decrypt.co/_next/static/chunks/pages/
0
755 B
Other
General
Full URL
https://decrypt.co/_next/static/chunks/pages/category-cddd81d417c702eb.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4408
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"120-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cw%2BXKCHEJc33UElIK3pL42e5Mm80avR52u2S873j0DE0RGtmM0pN82MMxxPmmSuZmHjDM7S4h21XUqcbYC%2B1%2BQyHc2v5i8H4DmJyiXmlo9r7%2FkfHlVahetSB%2Bhs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
945108918 942390711
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de681c87-AMS
university-2acb0b5fdc28b6c2.js
decrypt.co/_next/static/chunks/pages/
0
19 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/pages/university-2acb0b5fdc28b6c2.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4094
cf-polished
origSize=56412
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"dc5c-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzvIP%2B1PwD2J%2FstX%2FMhW%2FKS9vtpSrbMSQGhl72GUXyUtjjI%2FF%2FtStgXbH4P7WLwChrpqxSzxhGeECMnVC5KHU%2FgY9MsraEgi2sn2Tzij0g2yjdh8zzFHn9iyDTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
939476152 944097369
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de691c87-AMS
2008-fc63e0f5e917a57b.js
decrypt.co/_next/static/chunks/
0
6 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/2008-fc63e0f5e917a57b.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4586
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"49af-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0b9PKc%2BH225lpV6XmO0b0YkUyLdrh85KZc8M9TDQXLtaCOq4mKsTETx7oR2m%2BfoM5pr94oA%2BjMp7wacSW7HF37lRqgcrGahwanpA6gONYjaDkG7cU1fEY5EQqso%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
942341949 944813854
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de6b1c87-AMS
gg-87a893bb1b47810f.js
decrypt.co/_next/static/chunks/pages/
0
7 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/pages/gg-87a893bb1b47810f.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4586
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"5551-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8zQ1DbpA9w5X2QTmL%2FzgUz8M9aCPy%2Bi7%2FVCxCOudZNr%2B6aMOTlq3%2BLtIb1nLqYLS%2BXQLShE0lEci58m%2FdYVp%2B3337oYNuxyjYf53X7cAHTeR4srpBlvTIxcGz8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
945916080 942626267
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de6c1c87-AMS
9956-af7d43a23ad26907.js
decrypt.co/_next/static/chunks/
0
15 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/9956-af7d43a23ad26907.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4094
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"98fd-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INvyQ7P9x5Fqce3AkCMbg7Yv7G0GKEfiYiM7Rria9J6Dor2v9oY589utkul%2BKzZ2E%2BGBfRjeznYuz87EOKzb4d8x57nnQ2pcWZ%2B7AY7ZSRmDGoFLlB0mw%2FwRVJE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
940941733 943447028
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de6d1c87-AMS
2054-670fd973eaa40307.js
decrypt.co/_next/static/chunks/
0
4 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/2054-670fd973eaa40307.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4094
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"2952-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niUkpFEPbAUL%2B4%2FeuFb7Tml13g2aKT2IJv%2FPDQ3fElPrVaqJHzJ%2F0P%2BaanxZrRGgSLF4Q8hmrwJueCSlIy%2FkAvtBnJgIrUUU8NdcqBRzuzhcogPj8XBqoQyrzWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
944548480 944323183
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de6e1c87-AMS
6206-f1e08153d79bbfc7.js
decrypt.co/_next/static/chunks/
0
5 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/6206-f1e08153d79bbfc7.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
771793
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Wed, 04 Oct 2023 13:33:06 GMT
server
cloudflare
etag
W/"336f-18afae46250"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWcKO4Mfxfno7LljBrgfipPcGWa1kv%2B61kCAdsC579GzMnQPd8UFlUzgvc7UQZGNTckXpFyNSdSLv%2FDPYGZZOfOYfhXS1ezM0OmZp16KAtWWDd%2BAVRrn0GEjuVE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
816622310 829333958
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de6f1c87-AMS
emerge-938bbde26b801981.js
decrypt.co/_next/static/chunks/pages/
0
3 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/pages/emerge-938bbde26b801981.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4094
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"1ebd-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2T9sn%2BsP%2B%2BbdQ%2BmPa%2FgBL7v8Y2%2F0JfQ9czsYJ5XlW5FQLDKablCzYQpIpHtzCGBykQPphjYTce%2FByu59Z9CaV69NJyZlAHwCHyfRjdEutH%2FbJHvXe25Qx2M8GP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
938825894 945008674
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de701c87-AMS
9068-472515969d04bdfc.js
decrypt.co/_next/static/chunks/
0
7 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/9068-472515969d04bdfc.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
96748
cf-polished
origSize=17893
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"45e5-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTtoDiksqZ6yC%2F1bGCqKhCq%2BzVORWLWa4%2BrWIDAoLKjr%2FeNj42Z2vwM0LgGRQsTWrNf4%2BfkCuoty34fUZ%2BFGmmPVdpQhosELfcEzoOcL8F4RFtjdNc0rBbDTCj4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
691442077 688455926
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de711c87-AMS
8749-55806d0e55147823.js
decrypt.co/_next/static/chunks/
0
8 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/8749-55806d0e55147823.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
266339
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 10 Oct 2023 09:40:20 GMT
server
cloudflare
etag
W/"5ddc-18b18f56fa0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXMGsf%2Bah9MohPJZyeAcieBFDxP%2Bb9iAVvrxLp4TUDi6XEVwxMn7JVNHUvM18o7pTPDw1DlOnqH%2FUCVlEadGRl179ChjmSBFao9S9B6kmG3gUD%2BqcpU%2FpurDHak%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
94255648 84660290
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de741c87-AMS
videoIndex-b58e5a23211dc7eb.js
decrypt.co/_next/static/chunks/pages/
0
2 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/pages/videoIndex-b58e5a23211dc7eb.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
96748
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"11f1-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bjDtP4KxUZjBsuMLA%2BiHqJdoLZt6Ov0fcUWccDbsSo8yBtcC9j%2BdhjJPcyCDBcHkswlqi3EB7Gp23bKRgR0oZAziGKaluR2OlBsdP5xtGXtV4t94976lZNj3A8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
695011139 687603977
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de751c87-AMS
newsletters-a7fb4f7162d1338a.js
decrypt.co/_next/static/chunks/pages/
0
2 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/pages/newsletters-a7fb4f7162d1338a.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
96748
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"1392-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Il1UGJLyKq7g2hPePoj0g5utUNZITPwgcYKqKzufQl25gA2fu3tD2SiEyVEyzdavUSEmbSa%2Fu77A8hTdAb8obnWzN9LnUUmtAHbEUD1sFQPTSVXU63bmSQtN%2Fx0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
692623660 679946039
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de761c87-AMS
7875-52793450212f4191.js
decrypt.co/_next/static/chunks/
0
161 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/7875-52793450212f4191.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
2805564
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 29 Aug 2023 12:16:03 GMT
server
cloudflare
etag
W/"6504b-18a4138e7b8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTiNZBhVSIvgqo1CRw1YAACSqS87UXfVa27Aj2Yya9rHUxbHGMMAeSjEoj1zyDf%2BHYb8PCxf5AHTS2jI31HTlbvarSHDppnTPAA13UatMWxcO3abZiaIdOZIrTY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
584953846 279478921
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de771c87-AMS
2359-929f0b2ffc8fd604.js
decrypt.co/_next/static/chunks/
0
4 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/2359-929f0b2ffc8fd604.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4094
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"2a10-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLwpPKbgNeos8psg%2Fa1pzpuetCmiScADOb%2FsGQMzGfU3nLBDcl%2F6Y7AQ02oIZwOkx1zwUIbPbyITK0Dc6exz0GwzaTPpkHkji5QKYVz5D4BMG4YuWQXNlUlwaU0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
935849641 941127540
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bf9de781c87-AMS
index-25ac20ba8b595ea4.js
decrypt.co/_next/static/chunks/pages/
0
7 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/pages/index-25ac20ba8b595ea4.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4094
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"54e1-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pm3Dw%2BVFjzqsT6qfl%2FPUCP%2FqzDEzeTf6XztFI3RUgxazpf4PNetxwROaGxmkZpEfKt9LMi4L2EUJ5rkxGpzgCDhAjXkenWF4PDKgdCwcDcVDeOr0fnZsV8xHmVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
944548481 943447026
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfa0e9f1c87-AMS
author-863c421c5bf9e857.js
decrypt.co/_next/static/chunks/pages/
0
9 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/pages/author-863c421c5bf9e857.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98104
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"5602-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6whJjWC%2Ba%2Bpbl%2BWGHf8KeLfKZjedSaipWwjrmrqKsQ9NSYT9K5VuyPD9FDBGDfWLqggrccqBfft0iQ1oJDIJdYG5Opmmtdae6s617P2V4VyusuDwcvggq7ELSk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
687768561 683511057
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfa0ea11c87-AMS
bid
aax.amazon-adsystem.com/e/dtb/
23 B
459 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&pid=ZYoIl1d3TKbHg&cb=0&ws=1600x1200&v=23.919.1525&t=600&slots=%5B%7B%22sd%22%3A%22slot-5-ad-4-pubg-bhn-fqw%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22pubg-bhn-fqw%22%7D%5D&schain=1.0%2C1!pubgenius.io%2Ca92%2C1%2C%2C%2C&pubid=1ce5cb1e-d0d8-4aca-84a6-5a0f9f8af593&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
1TXZYDAVP17G5ADBRXZ5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://decrypt.co
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
MiL8M3nwMKP-5-ulcIrRzAZKku7-3bKE4fCxnn8sBj5pqPa1VBMbog==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/
420 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
2c1e314bd40a5d53a2e657710b9a41778f2e105084dd41fb2305dc008d5bffd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 11:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
2287
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134705
x-xss-protection
0
server
cafe
etag
4581834702576728701
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 12 Oct 2024 11:22:15 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2858
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81576bfa5fb92e07-ARN
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 16 Oct 2023 12:00:22 GMT
collect
www.google-analytics.com/j/
4 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=930989033&t=pageview&_s=1&dl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&ul=en-us&de=UTF-8&dt=FBI%20Confirms%20North%20Korea%20Behind%20%24100%20Million%20Harmony%20Hack%20-%20Decrypt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=1095017011&gjid=240678385&cid=576803033.1697198422&tid=UA-123175458-1&_gid=1639726528.1697198422&_r=1&_slc=1&gtm=45He3ab0n81KGBFBTX&z=1884212491
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://decrypt.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
69 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=930989033&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&ul=en-us&de=UTF-8&dt=FBI%20Confirms%20North%20Korea%20Behind%20%24100%20Million%20Harmony%20Hack%20-%20Decrypt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CoinGecko&ea=Impression&el=%22Unit%22%3A%22top_banner%22&_u=YEDAAEABAAAAACAAI~&jid=1972252211&gjid=348803348&cid=576803033.1697198422&tid=UA-123175458-1&_gid=1639726528.1697198422&_r=1&z=795188939
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://decrypt.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=930989033&t=event&ni=1&_s=2&dl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&ul=en-us&de=UTF-8&dt=FBI%20Confirms%20North%20Korea%20Behind%20%24100%20Million%20Harmony%20Hack%20-%20Decrypt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Newsletter_subscribed&ea=Impression&el=newsletterFooterAdUnit&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=576803033.1697198422&tid=UA-123175458-1&_gid=1639726528.1697198422&z=518193926
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 06:41:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19125
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=930989033&t=event&ni=1&_s=3&dl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&ul=en-us&de=UTF-8&dt=FBI%20Confirms%20North%20Korea%20Behind%20%24100%20Million%20Harmony%20Hack%20-%20Decrypt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=MoneyMade&ea=Impression&el=%22postId%22%3A119861&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=576803033.1697198422&tid=UA-123175458-1&_gid=1639726528.1697198422&z=2867087
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 06:41:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19125
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=930989033&t=event&ni=1&_s=4&dl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&ul=en-us&de=UTF-8&dt=FBI%20Confirms%20North%20Korea%20Behind%20%24100%20Million%20Harmony%20Hack%20-%20Decrypt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Newsletter_subscribed&ea=Impression&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=576803033.1697198422&tid=UA-123175458-1&_gid=1639726528.1697198422&z=1702129958
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 06:41:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19125
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=930989033&t=event&ni=1&_s=5&dl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&ul=en-us&de=UTF-8&dt=FBI%20Confirms%20North%20Korea%20Behind%20%24100%20Million%20Harmony%20Hack%20-%20Decrypt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Newsletter_subscribed&ea=Impression&el=Footer&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=576803033.1697198422&tid=UA-123175458-1&_gid=1639726528.1697198422&z=2057169654
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 06:41:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19125
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=930989033&t=pageview&_s=1&dl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&ul=en-us&de=UTF-8&dt=FBI%20Confirms%20North%20Korea%20Behind%20%24100%20Million%20Harmony%20Hack%20-%20Decrypt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=576803033.1697198422&tid=UA-123175458-1&_gid=1639726528.1697198422&gtm=45He3ab0n81KGBFBTX&z=231756636
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 06:41:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19125
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bid
exchange.alkimi-onboarding.com/ Frame
0
0
Preflight
General
Full URL
https://exchange.alkimi-onboarding.com/bid?prebid=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.198.240.112 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,rtb-direct
Access-Control-Request-Method
POST
Origin
https://decrypt.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Referer, Rtb-Direct
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://decrypt.co
access-control-expose-headers
Token-Expiration
access-control-max-age
3600
content-length
0
date
Fri, 13 Oct 2023 12:00:22 GMT
prebid
ib.adnxs.com/ut/v3/
138 B
699 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ad26536e0c9e76ed89ae9077a022b694029c494e02cc1a60421fb157b081ee16
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
an-x-request-uuid
1222c371-4b3f-4fe2-91ee-c05b7a949bfc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://decrypt.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.147.213.98; 185.147.213.98; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
0
271 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://decrypt.co
date
Fri, 13 Oct 2023 12:00:21 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/
19 B
555 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.26.0&referrer=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&tmax=400
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.123.81.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-81-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
accept-ch
sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
x-auction-status
12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://decrypt.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
exchange.alkimi-onboarding.com/
0
0

prebid
ib.adnxs.com/ut/v3/
139 B
699 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d7affc2a1f4eb6297468d97b37a5350dc46d7d5bd10a7eac7fd4df4236c4fd5d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
an-x-request-uuid
f878ab55-eb29-4681-b8a3-a22ebfdeddf3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://decrypt.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.147.213.98; 185.147.213.98; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/
37 B
544 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=800823
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32357eed6ac0bebf5b7cbdb484c3a9ff7f75f97b2c557e21ae7e864ee79ba001

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4U1czHDh8df%2FEXn6PoJEjDTYmlmex%2BlzywSOpdGVZkL7%2Bwkuh9N5mxnOgGCeC7fovdlsWsZRzKnHgKx6jzJYMEmZfsDt6e8EKYYoPKLKeAaRxlJfs6%2F6SUzSWGwUZov7a4o6Pdig"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://decrypt.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81576bfb4b4e0d4e-ARN
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/
0
211 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.215.202.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams01-convex-float1.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://decrypt.co
cache-control
no-cache
access-control-allow-credentials
true
expires
0
cdb
bidder.criteo.com/
0
189 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.26.0&cb=72174899434&lsavail=0
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://decrypt.co
date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/
398 B
900 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17544&site_id=419292&zone_id=2372734&size_id=15&alt_size_ids=2&rp_schain=1.0,1!pubgenius.io,a92,1,,,&rf=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&tg_i.page=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&tg_i.domain=decrypt.co&tg_i.pbadslot=pubg-bhn-fqw&tk_flint=pbjs_lite_v7.26.0&x_source.tid=bfc21e33-fe60-4ddd-8839-a44cdfbd9bb7&l_pb_bid_id=210b2db413d123c&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.08&rp_maxbids=1&slots=1&rand=0.36580620794661733
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9e642752027fd880799fad4fae3d0df39b2dd99f9484a0a6fea636582ea4a735

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://decrypt.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
398
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/
0
109 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://decrypt.co
date
Fri, 13 Oct 2023 12:00:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/
24 B
397 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.26.0
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
fd69403921aacbda547e27b6b640150652bdc3f9942edce578cea7a3fc9a11f8

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 Oct 2023 12:00:22 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://decrypt.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
arj
mediadojo-d.openx.net/w/1.0/
73 B
374 B
XHR
General
Full URL
https://mediadojo-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bfc21e33-fe60-4ddd-8839-a44cdfbd9bb7&nocache=1697198422213&schain=1.0%2C1!pubgenius.io%2Ca92%2C1%2C%2C%2C&aus=300x250%2C728x90&divids=slot-5-ad-4-pubg-bhn-fqw&aucs=pubg-bhn-fqw&auid=556938166&aumfs=80
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
febe3aa909b84b4591cbf155472b54b2aa9486c0d10941673594f1f97f12d255

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://decrypt.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
154 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.57.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-57-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://decrypt.co
date
Fri, 13 Oct 2023 12:00:22 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
153 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.57.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-57-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://decrypt.co
date
Fri, 13 Oct 2023 12:00:22 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
state
api.btloader.com/mw/
0
101 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/
43 B
326 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2038548
x-guploader-uploadid
ADPycdv2wxjKnjj7LYeGqMfxuZDGSVJpH-nQP51dPqV2tBfgFFUMt30ugVAqidezL9eFjNL3J5Am6q-l2OZRJsTJpH84sMZG8Zlr
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4iBiP3IGfq%2FmdM9v7o94EEOzEu4muwYPDKpbGbTd0UFynsBjLDFNIo0I4XcTfh1jFej3q3qL%2BuyVeL5wyzAsNdzLFw0AZFvRwc9kqyk%2Bd2K2wTDCjIfU8y7l3VfEWLTxw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
81576bfbaa55990f-ARN
expires
Tue, 19 Sep 2023 22:30:55 GMT
favicon.ico
ad.doubleclick.net/
1 KB
570 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 10:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Oct 2023 10:02:26 GMT
px.gif
ad-delivery.net/
43 B
857 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.858502783784233
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2038548
x-guploader-uploadid
ADPycdv2wxjKnjj7LYeGqMfxuZDGSVJpH-nQP51dPqV2tBfgFFUMt30ugVAqidezL9eFjNL3J5Am6q-l2OZRJsTJpH84sMZG8Zlr
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTBUXBWPHKg20r0SgHyEVA2LmOWz3D971f6j5nnnVWJ6RY847MfrZxebSyqmw%2Fa3vVH4%2Bz8pf4INvbZ0fc3jjbeqnLJ3KSx7BscuH0UO%2BBO11XVwvMpbxeUrjc%2FXlGXZ9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
81576bfbaa54990f-ARN
expires
Tue, 19 Sep 2023 22:30:55 GMT
adsct
t.co/1/i/
43 B
377 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=0c309302-e280-491f-9f98-bae50f9a4b55&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a313e05d-3ee5-4f5b-829b-d9aef1ce7bcb&tw_document_href=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&tw_iframe_status=0&txn_id=obnx2&type=javascript&version=2.3.29
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
104
date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
8466313129299576
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
57fc8a2a4a592f549e717d3654a3741fd0657b73fcfef43537abbba08efa520f
content-length
43
adsct
analytics.twitter.com/1/i/
43 B
723 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=0c309302-e280-491f-9f98-bae50f9a4b55&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a313e05d-3ee5-4f5b-829b-d9aef1ce7bcb&tw_document_href=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&tw_iframe_status=0&txn_id=obnx2&type=javascript&version=2.3.29
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
166
date
Fri, 13 Oct 2023 12:00:21 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
843203c6c68ff47a
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
061ef15890d973ff56906a8df549bd4f969ea4221e3983525532749cdf5bd842
content-length
43
collect
region1.analytics.google.com/g/
0
241 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-S6XJW9326S&gtm=45je3ab0&_p=930989033&_gaz=1&cid=576803033.1697198422&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697198422&sct=1&seg=0&dl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&dt=FBI%20Confirms%20North%20Korea%20Behind%20%24100%20Million%20Harmony%20Hack%20-%20Decrypt&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S6XJW9326S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://decrypt.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S6XJW9326S&cid=576803033.1697198422&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S6XJW9326S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://decrypt.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.se/ads/
42 B
408 B
Image
General
Full URL
https://www.google.se/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S6XJW9326S&cid=576803033.1697198422&gtm=45je3ab0&aip=1&z=611027374
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2299115233679936
connect.facebook.net/signals/config/
131 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2299115233679936?v=2.9.133&r=stable&domain=decrypt.co
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
408e07766f4738e3e94903559e84f884fb9504acfe3e7b9e7aad6e6f267b2757
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 13 Oct 2023 12:00:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34996
x-xss-protection
0
pragma
public
x-fb-debug
mVLS9UiuERpRETrLT4/OaPuZly1n7LPAmkelNB4QS6B1RYIfbT/tL+Gg5/SOetfSKoUFOsnL/c90t48mPY8nFA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
58ba09e3c80b1a336ae02b8cd7cf8636
verify.walletconnect.com/ Frame 7925
0
58 B
Document
General
Full URL
https://verify.walletconnect.com/58ba09e3c80b1a336ae02b8cd7cf8636
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/7853.19f854fa776acb67.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.166.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-166-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://decrypt.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 13 Oct 2023 12:00:22 GMT
collect
stats.g.doubleclick.net/j/
4 B
345 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-123175458-1&cid=576803033.1697198422&jid=1095017011&gjid=240678385&_gid=1639726528.1697198422&_u=YEDAAEAAAAAAACAAI~&z=80200600
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 13 Oct 2023 12:00:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://decrypt.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-123175458-1&cid=576803033.1697198422&jid=1972252211&gjid=348803348&_gid=1639726528.1697198422&_u=YEDAAEABAAAAACAAI~&z=1109634630
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 13 Oct 2023 12:00:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://decrypt.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat.js
static.chartbeat.com/js/
37 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.255.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-255-75.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 17:21:54 GMT
content-encoding
gzip
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
67108
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
JW8FdrvhEuTfDnCZGOn1UtTihegRPQCm-RAwNmD83v6IZkBOWI1B5w==
expires
Fri, 13 Oct 2023 17:21:54 GMT
horizontal-offers
w.mmin.io/ Frame 1A67
26 KB
3 KB
Document
General
Full URL
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/embed/v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a9f92295e07fcc7a88e60b0bb1ecedbc195bbd9a845f2082c5afaa6a7a6003f

Request headers

Referer
https://decrypt.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=2, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81576bfbea84b807-RIX
content-encoding
br
content-type
text/html
date
Fri, 13 Oct 2023 12:00:22 GMT
last-modified
Tue, 10 Oct 2023 06:55:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHWJbQqNfYpRT1RCcXX8zm7ueJCdOIOkjG%2B0c%2F6Bf9JGgtKuo9BRQo54VcCCAnYEJe8EklwQDAfkwDTPRd0wCaTYf4wF4V%2Bl8PjOOKoRWsuo2YcHHAKQ2vtPqA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 e07ee911994a79dcf18ab9fb40a784e8.cloudfront.net (CloudFront), 1.1 1006b6fade1118dfc3284a26ac82fccc.cloudfront.net (CloudFront)
x-amz-cf-id
UH7jwmDQC8aESnOSNb3BIwIxcxMGYTam0hDUpI9UI6uxRYSHJjDOUw==
x-amz-cf-pop
CMH68-P5 HEL51-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
web
onesignal.com/api/v1/sync/2ed14861-ded2-4fe9-a463-06d7e0b5012a/
4 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/2ed14861-ded2-4fe9-a463-06d7e0b5012a/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec95dac3cab7f059daee4a4127ffb52da7e35ff404dc59dc1369b24786df97e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1441
cf-polished
origSize=3935
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c964c49f-7e09-40a7-8213-d0cd5918dfbe
x-runtime
0.038002
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"c8a71b222e42b2f9edbcf274d30e07d5"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
81576bfc09c42e07-ARN
access-control-allow-headers
SDK-Version
expires
Fri, 13 Oct 2023 13:00:22 GMT
22573224304
fundingchoicesmessages.google.com/i/
158 KB
52 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/22573224304?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
4dfe3321144fa90a24b43850c00ebb242704dbc06e806fa44f314a756e403f83
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Mm-GG51woDfsgSm4htsBHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-Mm-GG51woDfsgSm4htsBHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
4378.3d63344b03f11b37.js
decrypt.co/_next/static/chunks/
14 KB
6 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/4378.3d63344b03f11b37.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ce81e754fcbc04b6124b0a1e9010c8fe1c48495ae51846b61dcc28327e3b337b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
5604216
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Wed, 09 Aug 2023 15:01:47 GMT
server
cloudflare
etag
W/"37c1-189dad17378"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO0TJ3vximI0T57NZQTBqpNj5e5acZK06DQFbPEhxAwpVFptd407gRywl9%2FZ6CwJUOWFoOTGUvrlGHnVSauH05t6SM9bLH6G7AvamnTWwngGUwsEoNSgMAmbZDE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
184370866 190590071
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfc78ba1c87-AMS
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-123175458-1&cid=576803033.1697198422&jid=1095017011&_u=YEDAAEAAAAAAACAAI~&z=1800658371
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.se/ads/
42 B
107 B
Image
General
Full URL
https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-123175458-1&cid=576803033.1697198422&jid=1095017011&_u=YEDAAEAAAAAAACAAI~&z=1800658371
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-123175458-1&cid=576803033.1697198422&jid=1972252211&_u=YEDAAEABAAAAACAAI~&z=1365688334
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.se/ads/
42 B
107 B
Image
General
Full URL
https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-123175458-1&cid=576803033.1697198422&jid=1972252211&_u=YEDAAEABAAAAACAAI~&z=1365688334
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2299115233679936&ev=PageView&dl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&rl=&if=false&ts=1697198422458&sw=1600&sh=1200&v=2.9.133&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1697198422457.1874979543&ler=empty&it=1697198422316&coo=false&rqm=GET
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 13 Oct 2023 12:00:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
country
api.btloader.com/
16 B
141 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
65433ce9f5c2db2aa8c98d3eef8516d5e818cd23d60ec0e0bfd94c40c9f8d368

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=jPTYhruTh7&w=5636982307291136&o=5768545745502208&cv=2.1.19-1-g9747148&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&sid=iSYGVpdKZ&upapi=true
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 13 Oct 2023 12:00:22 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
entityProfile-9a141f07a519191b.js
decrypt.co/_next/static/chunks/pages/
0
15 KB
Other
General
Full URL
https://decrypt.co/_next/static/chunks/pages/entityProfile-9a141f07a519191b.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98104
cf-polished
origSize=40338
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"9d92-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lfbynd08Cr%2F6xT9U2PIRFV%2FXnpmgrz1bw3C1muph7qlJFLU1J49vTuR8kX17IaSt1hqSRbmRdLXPEF5uZmaD5NUSohNYAEZD7v9bsa56Nb%2FGpK0APXNncHOXxlY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
688523035 676577473
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfcd8fb1c87-AMS
cee494a37593e48f2852abdcf2da701a1edcc6a57ba62c7c01cd
superficialspring.com/create/
288 B
315 B
Fetch
General
Full URL
https://superficialspring.com/create/cee494a37593e48f2852abdcf2da701a1edcc6a57ba62c7c01cd
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.134.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.134.111.34.bc.googleusercontent.com
Software
/
Resource Hash
8d3d54f42513f0e67ebcde4ffc3a40c4770f6824611aecc523d29233e34b18cd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 google
x-buildnumber
1033761249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://decrypt.co
x-hostname
fen-hoothoot-europe-west1-spot-f2l1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 13 Oct 2023 12:00:21 GMT
truncated
/
601 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecf5d667778b93ce2386f53f403878f2c77034c38c7bd2eef99036f1ed275454

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
594 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
630a4f0237aa55482aef3e5e16bfd7c0db7a93be19d41ef0c2f4271e7df23930

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cabb3e4ffbbe312b58437e244a2ee8071864b015f387c7d98773ecac924f3a12

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1503c25caa45c97ea04a1317228be52331739a397c0d574ded2426fa4d1e8596

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8615aaaa7fdc9f56622310ae9d4e13338daea5fefac1245db2cb42b8d54027a

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f891785dd8326d095f6c19c4c63134d007153912320d95f0c58347787554fe8

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03c1ae94700cc6d242f6471370b9299bd6ae9e251cb69a3d4e40aeb1e795abc9

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ed9466c67ace83e6b064793dca7fa4623a271a35a08e7d8dc35fc73981314bc

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
706 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96db78688eeaa912da69dc30b36409f108e9814426f15a9d6eb1cc76640a37c2

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
699 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4176bc6d8b5357779cc56579a19f114f37fbdef8a593d3b175c0e9e064b05160

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
4233.10fe592252da215d.js
decrypt.co/_next/static/chunks/
17 KB
7 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/4233.10fe592252da215d.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ddab1542776af2c183796feac4698b616858acab1f86d7adc1fbe1d036bda597
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
7509425
cf-polished
origSize=17209
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 18 Jul 2023 13:58:38 GMT
server
cloudflare
etag
W/"4339-189694bbab0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rwg9ooY%2BFiRJYYeR8JWcsDSPWNrxgtUeCUu8xc9Q8JKfESdsFuAWe5LHdlELKfJppOSR9o48kNpwUdlgO%2FhakgpHF41s%2BmwRAZ60spFoI57l08ZA5lRaU948hhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
40208179 39855527
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfcf90f1c87-AMS
4649.8bd83dada3128425.js
decrypt.co/_next/static/chunks/
117 KB
36 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/4649.8bd83dada3128425.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/webpack-40a3e8d5d0fa5f89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2cb404cd4798c3d35c75ce97120c251ac19174af1270ed1aa8e1ff79d9a11a89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
5604215
cf-polished
origSize=119989
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Wed, 09 Aug 2023 15:01:47 GMT
server
cloudflare
etag
W/"1d4b5-189dad17378"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BieMH3%2FnmvULEKTrZvufm8Hr0DERRGMeMB8wfofdUiS04k4eh33oYkblUYjY13GHePnnX8Q71sPEIU36nfT4pnftsCtRULR4MSadYnRuewRmizkRWBiG9gmdB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
189702473 189748971
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfcf9101c87-AMS
2586-aedaebab88f808e3.js
decrypt.co/_next/static/chunks/
26 KB
10 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/2586-aedaebab88f808e3.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bbfe35357e92be2143fd8a3fd131911fe164b694cfb457960a9a13627c1bf4ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4586
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"68d1-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5Ig51qc9CLYgg78Z13KDQzCCB1SzEcLS5%2FcXEgKL%2BIJ9I%2F%2FD0D2I6KH8scudxKQGluyqQ15Jgdyz0WcidxZpGVfNn4xrviYuKGne8hMKpfPZO8zgEC1k1rojos%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
945793822 946146261
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd09131c87-AMS
6541-a202304ddff842cf.js
decrypt.co/_next/static/chunks/
14 KB
5 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/6541-a202304ddff842cf.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bb0db7b8618c44b39502a90d2bd5060d0ad48a4812f95661e9a45cc516f9ed4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4408
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"39ec-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9kGtKQVQ%2BrRwq3ZoNX3%2Fy7JvJPX8bVIPuOw%2FAbKyY4DdyeEiu7hZYfihH7vJQ20BJoBLkfNjEmXI9fgh2fCXLIOemHodXuQi9LG3KdlYr43RtUp0dry6itmLeY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
945857917 941292765
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd09161c87-AMS
category-cddd81d417c702eb.js
decrypt.co/_next/static/chunks/pages/
288 B
532 B
Script
General
Full URL
https://decrypt.co/_next/static/chunks/pages/category-cddd81d417c702eb.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
94f2b63c4b8bc91fe2ffc208f42201c7f3ee69a1df3955a6c497fdf5293f18b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4408
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"120-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPiBPZCZjTatbnL%2BZbdTOhsU2bC6Vocee4u8eAml3XWhCJzaLRvMITwhNLvPwxdhrIp%2FdM4kk3d5baGgXIzBIyM9nK3%2FYl8KaLiJWIHr6QAkPDWFNCI%2BmCNI1nM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
945108918 942390711
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd09181c87-AMS
0ed3300054eb1272.css
decrypt.co/_next/static/css/
2 KB
828 B
Fetch
General
Full URL
https://decrypt.co/_next/static/css/0ed3300054eb1272.css
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
986d2765ee5233d76b93e68ad82e9406d3c887a911b848aa6c65f05f432ad6d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
12272433
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Wed, 24 May 2023 10:54:31 GMT
server
cloudflare
etag
W/"776-1884d656658"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kd2H3zRv6LPU26q3ogPau3%2Fc%2FP9i3wFq%2BqpKTHe94IfCNUEnAy%2BGr9aIEW%2FvNMgLteY5qKavIGqC%2FENMcElAtQk%2F6rIuDPbyaFqfTQVfx%2BTXG%2FU3GGTNtvrQFbk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-varnish
112170201 115344428
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd09151c87-AMS
2008-fc63e0f5e917a57b.js
decrypt.co/_next/static/chunks/
18 KB
6 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/2008-fc63e0f5e917a57b.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
75a9ef368cf6a87b95edba8530bbde9f611da0d8c0128dc995cb78573538d5c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4586
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"49af-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5ow%2FKfFs%2FosZzIR%2BR6jP4cqi4K2VMgoWxCp02OzPZmd2HOonSOgnM40rur%2FcRT24huq0hoSskH%2B6UBe9Mfh8j0QXbd0X2QFAMyM3uL0ZugAvV7itiNGayNPHmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
942341949 944813854
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd091b1c87-AMS
gg-87a893bb1b47810f.js
decrypt.co/_next/static/chunks/pages/
21 KB
7 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/pages/gg-87a893bb1b47810f.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e1c21e5a1eee07233181dfae87478c6845ad2e0eb9ada9966e42e1afdf073aee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4586
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"5551-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdLVhFe0UYlCmSAlh7KcghBBnzUcHfx1J6IoR7QPt9MfLT2izcpEJ4F2jhG1%2FnEM4uf5XR%2F2XNOtw50tfMMDhwfUds3oZKDEtQ25k5sz5Cab7L1Qcb3K23Tlcb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
945916080 942626267
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd091d1c87-AMS
9956-af7d43a23ad26907.js
decrypt.co/_next/static/chunks/
38 KB
15 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/9956-af7d43a23ad26907.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e80574fa6253401684f48ffe86ab25e9d84cbb8ea36601b1b72cb36e195bfcc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4094
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"98fd-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DP%2B%2FQzbd9FxZmMyfpRVlLRWu88XbwUPJv7r2%2BUfz%2Bs62DFKyiB9zFxGrD7TKrG3EzzJoLjHH9iKveG%2BnXAjXE7IV3qzOpyRIRUcs4AguXxKt7i%2B8DqsM4WH8oc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
940941733 943447028
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd09211c87-AMS
2054-670fd973eaa40307.js
decrypt.co/_next/static/chunks/
10 KB
4 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/2054-670fd973eaa40307.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3477d1a5cc20a40ebf68fa0c6960b02782cc9b68cb2029c70dc1e3035cc79818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4094
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"2952-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hv%2BTn0DUsH0Dw6wikAwtVxPMMv6D0y3KXpByAoDcdoaIy1D2qMsWSoFWTGlJ%2FgsIW2xNqhF1U0o8ka3S1MgC6Q7GDA2%2BQHC4k5H7SWgTbCw81PamLOIwUK8KLWg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
944548480 944323183
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd09231c87-AMS
6206-f1e08153d79bbfc7.js
decrypt.co/_next/static/chunks/
13 KB
5 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/6206-f1e08153d79bbfc7.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
70b0ee24d1a960d5daa14929ea8845d72d443df38da9647c78b7efa1a4f89280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
771793
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Wed, 04 Oct 2023 13:33:06 GMT
server
cloudflare
etag
W/"336f-18afae46250"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44CR2XYhQ%2BI0vdVAQiIKZzprxGZlRLizKCHub2fc8aWVKXVuzfjIvzYmOpboWbKu36uN0YYNRCucQaruKk5eqW84wUAoFXE3uZAJrhlWz7xfDGWYoP7fsNtcqpk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
816622310 829333958
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd09241c87-AMS
emerge-938bbde26b801981.js
decrypt.co/_next/static/chunks/pages/
8 KB
3 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/pages/emerge-938bbde26b801981.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c96f1f7d335c62de50b20e8fb947d900476736ee9849b1651948020c99830546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4094
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"1ebd-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bm9nZ2mQxHz8XxtacqMYbH9Xn0XQoCp8XMnsehEjBryH%2FIzYMs0d1%2FKeP8jJkRB4LG%2BhysHCbt%2FG61yrFT0uChJa1F0sxfDeJTiZ8nFVeFIyOVHLecsZLYP4wIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
938825894 945008674
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd09271c87-AMS
cb126f029e35e6fd.css
decrypt.co/_next/static/css/
2 KB
733 B
Fetch
General
Full URL
https://decrypt.co/_next/static/css/cb126f029e35e6fd.css
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f11639f1d65789a93d3f4de1d94e4cffbade35c6bfdaec735c41283d905adf56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
2804980
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 05 Sep 2023 14:39:24 GMT
server
cloudflare
etag
W/"776-18a65c8a960"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0q%2F5B7laXgP4chQQvW%2BtuWqwPq9WoH3uXu1JFQA2YrMxlDVaxgP%2B4mfarylLvKhxxTTvzvpxGYU8Dy6x16OUc5RGaf4%2BDwkrJBMDZ9nSDqJWqPqTjwrFh2DCbE4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-varnish
609919574 444876463
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd09221c87-AMS
newsletters-a7fb4f7162d1338a.js
decrypt.co/_next/static/chunks/pages/
5 KB
2 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/pages/newsletters-a7fb4f7162d1338a.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f25e58d784e0fb5cb719c92ec2aae9f13ecfed6c2f3d105185696859617c8fc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
96748
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"1392-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrR%2BdNqNe4Dao0OdSqMwNhgZNFyugXRqhIM1aH0aLOLW%2B%2Blx0SEv%2FCXDoiaw1sYvUTPP%2BrTiZSqDuYGyaQ5c6vFo91AKvz8BVuS8fzbs2RPbMllScWqOCEi6ZSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
692623660 679946039
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd09281c87-AMS
d68e3e640ab57b79.css
decrypt.co/_next/static/css/
2 KB
650 B
Fetch
General
Full URL
https://decrypt.co/_next/static/css/d68e3e640ab57b79.css
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1cde0f8766b5ab99fe8429bf0c338cb1884ebbaf971f4fa6f3d94979d0358c3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
12272433
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Wed, 24 May 2023 10:54:31 GMT
server
cloudflare
etag
W/"71e-1884d656658"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZRG2pVJ9%2B4A8MTHsw98lbH0%2BXd6qQgTaDfjG8z2KzOq61ozwIiXuVEu85mmA5yWSHStYeNpN0%2BkZcfKF9c%2BoibPt5O%2BXuu86O0cqrxrCKZJMT%2BHa96yPAn28gM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-varnish
112170202 110270074
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd092a1c87-AMS
university-2acb0b5fdc28b6c2.js
decrypt.co/_next/static/chunks/pages/
55 KB
18 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/pages/university-2acb0b5fdc28b6c2.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a586f675b3b5380e521d24e3cdb674e4b2cf89d56314da99cbdc1c9889f137df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4094
cf-polished
origSize=56412
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"dc5c-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVYgHSGhLtoYOmRbuqzqxJTQ9mHPJw8zbva97y9E2BhkgUljLB47HZ9DCBbnUtzbwnEb2dOduzRKEObHyPy7QcyyckHtlITBuZQgNxqyHTg1DQcp7ueFAbkvaN4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
939476152 944097369
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd092b1c87-AMS
888226bffc1c6073.css
decrypt.co/_next/static/css/
3 KB
871 B
Fetch
General
Full URL
https://decrypt.co/_next/static/css/888226bffc1c6073.css
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
151c139ddfb39c87522cac64c61826adcf234b451d8de1545d30685816eb7c70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
3705988
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 14:30:09 GMT
server
cloudflare
etag
W/"da7-18a4c006568"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2Bq7mvsgZ0Ygd%2BlK4bsrq0KXfq7n%2BPHpw6eLpcivYvkoYqI0x0fUJFHrsWn7ts7NihkaSIFxs8GArat0XEtXnlGZyPW8X1Vy6KkNhiDQd1ENkLvuAxsGGKOqiK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-varnish
290506882 291424209
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd092c1c87-AMS
9068-472515969d04bdfc.js
decrypt.co/_next/static/chunks/
17 KB
7 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/9068-472515969d04bdfc.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d22ea328ef996fb9d21ee2ca854e754d553fa0d0c75a97047046a1d04309cd3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
96748
cf-polished
origSize=17893
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"45e5-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2F1KAlOjIbORtQMBNxIZzd8sh%2FeK%2FP8zW0T9vPxE0B%2B12qukTasdoFCX7JvZVfI9oNIZTu3P%2BNjdm%2FiswC5zLoNZJlqLYBob79yhv4wPB6ttVMX5%2Ba5vTQLqcZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
691442077 688455926
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd09321c87-AMS
8749-55806d0e55147823.js
decrypt.co/_next/static/chunks/
23 KB
8 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/8749-55806d0e55147823.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2ad22bf8a40b708554b5a2fee3f7e18f29bc73bed208625058b97f62352d494f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
266339
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 10 Oct 2023 09:40:20 GMT
server
cloudflare
etag
W/"5ddc-18b18f56fa0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isJBYckNkIAZuEHLz8dJNWS3kDLaSXbmk4dvY%2FubwXTb3H27OZnc64m4StYFLbaaltK7cW1dKf%2F499m7dJkpQfsBedsDGIlKJbcVq05G9Y9EoLCnK%2FHKVIB86kQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
94255648 84660290
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd39541c87-AMS
videoIndex-b58e5a23211dc7eb.js
decrypt.co/_next/static/chunks/pages/
4 KB
2 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/pages/videoIndex-b58e5a23211dc7eb.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fc3ea0e39d7073725836e52297ada0169a423e10671c9c556a6dc937237a955f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
96748
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"11f1-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0ikBC7%2F0U93C92G7TSZXnrknuLpCI2Al6QIcRy2eywI4AghqlCuV%2BiaFOYQSp%2BAENxw4qDI%2BMruLLy5H4gK4IQycA4DpUiswG%2FW9PUsf9xdwNSCh9%2FNih%2F1X1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
695011139 687603977
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd39561c87-AMS
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2858
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
81576bfcf8c409b4-ARN
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 12 Nov 2023 12:00:22 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=decrypt.co&p=%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&u=Ncq7sDelZjeBiQnaD&d=decrypt.co&g=66139&g0=%5Blang%5D%20en-US%2CNews%2CBusiness%2C%5Bhub%5D%20None&g1=Sander%20Lutz&n=1&f=00001&c=0&x=0&m=0&y=6583&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&b=2913&t=DcLkuuhpl2DTR_uACRAuQnDEN8uW&V=141&i=FBI%20Confirms%20North%20Korea%20Behind%20%24100%20Million%20Harmony%20Hack%20-%20Decrypt&tz=-120&_acct=anon&sn=1&sv=PA9mTGy_S0-DL4iB6xBlrDkkjPx&sd=1&im=067b2fff&_
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.160.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-160-55.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 13 Oct 2023 12:00:22 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
7875-52793450212f4191.js
decrypt.co/_next/static/chunks/
404 KB
161 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/7875-52793450212f4191.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
25d2af365a881b381498b86fce905f4b80c513ac1f127ee481cdf5af9a24298a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
2805564
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Tue, 29 Aug 2023 12:16:03 GMT
server
cloudflare
etag
W/"6504b-18a4138e7b8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnwvSqNAWAkzZ6zYGKLm52mfwqhC1vji8a7Wtzv5WJnUUTR5AGWrAiYt1a0Z3OuM63DT%2F3twEUi8WPaJsxWCmsF9ApEdpEEuWi5b9bydQsxS91YFUi2KBG4mw2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
584953846 279478921
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd39571c87-AMS
2359-929f0b2ffc8fd604.js
decrypt.co/_next/static/chunks/
11 KB
4 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/2359-929f0b2ffc8fd604.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
77d80a07dd5c20732e3936da19eb384f296c6a2502632d2ad63c2eaa9c122724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4094
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"2a10-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bF8uqlzD9jxtrDzhdMpg8Khxi7edSj8KNgquliNjMCGKfstACn5ENUfC0tfhpVZqIY6ANBJWEvE7wEVTlgCnYkSG1TcMFAywFjy3hk4DL5y8LrdEcWadGTY3Z50%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
935849641 941127540
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd39581c87-AMS
index-25ac20ba8b595ea4.js
decrypt.co/_next/static/chunks/pages/
21 KB
7 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/pages/index-25ac20ba8b595ea4.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fdc3fd4bd8e40fc6c25ec03029cd5ff2b02c4486988545c377dd9655ca346dbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
4094
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 10:36:59 GMT
server
cloudflare
etag
W/"54e1-18b289c60f8"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjC89UL1TSXNJ%2BjlCJtZ5FkMQE%2BhIJii6pDsyXP6%2F%2Bm6h8Z79Zrzs%2FN8vbbKvLSDitGFl%2Ft0Jolagtcrq4%2Bggs%2B3J846MlITvBychVgQlfwhsY%2BlOHGCs4RLiw0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
944548481 943447026
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd39591c87-AMS
author-863c421c5bf9e857.js
decrypt.co/_next/static/chunks/pages/
22 KB
9 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/pages/author-863c421c5bf9e857.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bf0aebd58e52cff2ea4b6f333dbe5d326268d58a5738259217757a8944d0a525
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98104
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"5602-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0du2BnVsgDils3Rsut0kwlLw8614eUwxntCY0IHEz6foqUyDerxXIXpYr7vDoM%2FGmTb86IL50SuDhXvKjhU26SWZ6uYdBGVf567zKfRHY6OGshvbfYJ6T%2BxvUfk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
687768561 683511057
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd395a1c87-AMS
entityProfile-9a141f07a519191b.js
decrypt.co/_next/static/chunks/pages/
39 KB
15 KB
Script
General
Full URL
https://decrypt.co/_next/static/chunks/pages/entityProfile-9a141f07a519191b.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d3bb6598915d7cb507f6016893bebdf5a7ba8ff86c1ad77dc2730f17d071843d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish (Varnish/7.0)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
98104
cf-polished
origSize=40338
x-powered-by
Express
content-encoding
br
x-cache
HIT
cf-bgj
minify
last-modified
Thu, 12 Oct 2023 08:36:33 GMT
server
cloudflare
etag
W/"9d92-18b2307c268"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUlzof%2B5y6tn7iq4KjYT8SbIkgC%2BY5qtxtLb04AVmvxJRYp9WQsQTMxdzSCQYB81uCIxj8oJ%2F2PV17ollvd5wBrjjKY9xoZOJ%2FAYxBMiNoCGuLMUpsCXEzCY8jY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-varnish
688523035 676577473
cache-control
public,s-maxage=31536000,max-age=31536000,immutable
access-control-allow-credentials
true
cf-ray
81576bfd395b1c87-AMS
post-render.js
delivery.pubgenius.io/deployments/92/2667-a58870f8/
3 KB
1 KB
Script
General
Full URL
https://delivery.pubgenius.io/deployments/92/2667-a58870f8/post-render.js
Requested by
Host: delivery.pubgenius.io
URL: https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-17.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1696fcbb575d662885a6f23d7ec2acedd2622ebe61731136e0e912a3ad7a0e37

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 04:55:29 GMT
content-encoding
br
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified
Wed, 05 Apr 2023 12:50:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
284694
etag
W/"befdeaec4fe0ebb79f6c120b46a7d847"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=864000
x-amz-cf-id
qhJyqoT4Nk8iYyBxVXvvWO1NLk4FhNIuarOPniYudcJmMXAq0YoNhA==
publishertag.prebid.132.js
static.criteo.net/js/ld/
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: delivery.pubgenius.io
URL: https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Oct 2023 12:00:22 GMT
getDesktopListings
explorer-api.walletconnect.com/w3m/v1/
7 KB
2 KB
Fetch
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getDesktopListings?projectId=58ba09e3c80b1a336ae02b8cd7cf8636&sdkType=wcm&sdkVersion=js-2.6.1&page=1&entries=9&version=2
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7868215a21ca7e8cc040f664ed03556e5efc7ab0e18a7453b9d1c28913d430

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 10:43:00 GMT
server
cloudflare
age
4642
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=21600
cf-ray
81576bfe2eb55f0f-ARN
x-robots-tag
noindex
expires
Fri, 13 Oct 2023 18:00:22 GMT
59dd90c9b7bae9ce.css
w.mmin.io/_next/static/css/ Frame 1A67
98 KB
15 KB
Stylesheet
General
Full URL
https://w.mmin.io/_next/static/css/59dd90c9b7bae9ce.css
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd39c0761fc83fb4f48dac35334f5b28980acb1abdacfcbe1c03984d930e75b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 2ac244f3035dac54badc413a33e6e00c.cloudfront.net (CloudFront), 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, ARN56-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Fri, 06 Oct 2023 08:39:23 GMT
server
cloudflare
etag
W/"0c49cf5f125a93b297009497302c1c40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8gjDlTWM6fsXwI8Q9fx%2Bc0pJuXXng9NJj%2FZm8%2Fc6gwySYzJ3MQ8c3tLEOLDk63ogFe5nsni6tuhkmfadtZVhCBWTKYuzvmE0fhKI8prpUWqIlqYs7DFqK3Klg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe2fecb807-RIX
x-amz-cf-id
kpJnOWkZ7qkXoulF803W3w0jW98cQGogCfC2AOBdx9nRmoRrCkRtmA==
a2484fc84d50ffc1.css
w.mmin.io/_next/static/css/ Frame 1A67
7 KB
1 KB
Stylesheet
General
Full URL
https://w.mmin.io/_next/static/css/a2484fc84d50ffc1.css
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed4d21ae604cee31eb8d3680b53e02252742c90bd4bc0c49e335b9285175e63

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 16d00d7ad10f83e40570caef730b80b2.cloudfront.net (CloudFront), 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, ARN56-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 04 Jul 2023 07:09:00 GMT
server
cloudflare
etag
W/"00fff5ef6d46914bc9655b95c1d794cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVISuvu%2BvDsQQooSSgpiVS55DPlb2RoR0%2Bg1LArBmgsNIkIbk4ZvlEgFxaMoVLwCQpU%2B5OTP9ozI0N%2FqxOASiVr7nttF3tVWp%2F%2FHJCFR194Qo1CL1o8Fs96z%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe2fedb807-RIX
x-amz-cf-id
LhO03oqp2QvmH-WSuZQ2zJATLNaNthnHYhHtvshzyiUU7J_4_j8Sag==
79020b591845e613.css
w.mmin.io/_next/static/css/ Frame 1A67
460 B
703 B
Stylesheet
General
Full URL
https://w.mmin.io/_next/static/css/79020b591845e613.css
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46844d512212ef39ac03bece95761175c4f198fbfc059acc7c2f5d75a0086f1

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 c2c4c49c753f4fb31a27fc7309644516.cloudfront.net (CloudFront), 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, ARN56-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 10 Oct 2023 06:55:32 GMT
server
cloudflare
etag
W/"d8bc2ae42be3fb98cc38534269960538"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24G7bbWqaPfRNO0uI3FfFoPI2PYbxl5OmVKlM9YO%2F3HcawZpeP1OiPWSGmN7C4gKo%2BaaugYk2fmVSDJ83%2Fvl%2BSp2pFZ0wyhCefmE4fEvYfi8PmU6T6v1SFBLnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe2fefb807-RIX
x-amz-cf-id
SHeVYWaKrkum5QxqciLaSHzO2R3YnLhTNsONjdXvU6qaMeChhsl99A==
654021c7e50971c5.css
w.mmin.io/_next/static/css/ Frame 1A67
460 B
804 B
Stylesheet
General
Full URL
https://w.mmin.io/_next/static/css/654021c7e50971c5.css
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab757d43f2206a84995307329f0dc63a1fdf175b6f0e58e3a80c681af6d606d8

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 14d28a1cca01ee032df46e4f2653d0b6.cloudfront.net (CloudFront), 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, ARN56-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 04 Jul 2023 07:09:00 GMT
server
cloudflare
etag
W/"0f357f22b2f99922ec2e59b29c86aca9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cssmz1OQnCWy6cNInTBR%2BwjtBmh7vMWs9Rkq3r7q7l8%2FSC8v1CWN6YWqz5q9p7QP%2BBS9qMgHvYyI%2BvdIzw0H1znmis%2FiXYOev2%2BHVKbldlyyFTiv50umtPaRuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe2ff1b807-RIX
x-amz-cf-id
ALqGW7M1v6mFKPSyOpflze986oBq_pINMLkK8Dbbt6FnmMV-eZuqvw==
fp.min.js
assets.moneymade.io/js/ Frame 1A67
33 KB
15 KB
Script
General
Full URL
https://assets.moneymade.io/js/fp.min.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91e92f74169711752632b43feebb1b964265b6e9d9b62a31035599d2919d40fa

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
493
x-guploader-uploadid
ADPycdvm7Eq6JLIEayd_vA7JKzGidnZ1BAAQoEtUguxeCAF8HW51ozibQmefB-AfMu_BubBnd1RBtOOL3doICLcPKDznUA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 30 Mar 2023 02:12:09 GMT
server
cloudflare
etag
W/"03e4262c20387f068198426e5779b5a2"
vary
Accept-Encoding
x-goog-hash
crc32c=dNTSuQ==, md5=A+QmLCA4fwaBmEJuV3m1og==
x-goog-generation
1680142329658361
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, x-goog-resumable
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFPR2A%2BBK9nrUB%2FwuHuqcJKt9UgCtycQVxvoSm44k%2F59QgdYOXqbRfDpPRlDwtyze1I3nxZiEGhT1xrWl3MLIb%2B0AhktYKGrn47tymtzDswP8fGoKdF2gc%2FaaO08f%2FkfIo6%2Fi1o%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
33760
cf-ray
81576bff19dc0d3a-ARN
e7a69249-a3d95903e5bbcd31.js
w.mmin.io/_next/static/chunks/ Frame 1A67
196 KB
62 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/e7a69249-a3d95903e5bbcd31.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3724ff4acc49942a03ca3d38953a5721172ecb22c5e3e7ec7d009716cfed3491

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 14d28a1cca01ee032df46e4f2653d0b6.cloudfront.net (CloudFront), 1.1 c68aa4270b22c7e4e7044fd6df451f70.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, HEL50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 27 Jul 2023 20:26:24 GMT
server
cloudflare
etag
W/"9f4ae38c9c4a07a218f6c5cb74beb8f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84sGSoJdrSPB8yy%2BQ0aEDAABNdX0t%2BC%2BKnIS04YyW%2FiA9ykWqMFvWMLU8LJsEG9FEpzss5XdBlcuDALREpxx1u2zIPWlbcFBwv2VKO9NZJkykD8ZiCRFl0WLAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe788db807-RIX
x-amz-cf-id
Cf1WqPNM1Myqb5EixmZrZ72XhoPxE8YY-fMWZIiqFbSseaS_jwAc2Q==
3382-c3f051583663d00e.js
w.mmin.io/_next/static/chunks/ Frame 1A67
7 KB
3 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/3382-c3f051583663d00e.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
650f2eccd059ae0ba2f37ded360e6f763ab2a4cbc99b40f3d94b517e90b50c5d

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 edca9035b158b44e00e6852409c4e6fa.cloudfront.net (CloudFront), 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, ARN56-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 04 Oct 2023 11:21:04 GMT
server
cloudflare
etag
W/"8e4f6fa1fa082f0172b6df3d20393947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jXYb3i3mqkHW2f1sCPaDcC7nu43f2I0h2vDKLL1%2BZAAO4OvAApEKqf3hxUTERFKsrotfA3VirViRrw5fcTfP39ZtbeYwac1j9sxYFwKZ%2Burnqy0Gm1y8Govtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe788eb807-RIX
x-amz-cf-id
uZIjtZzvbjmUbHZK5Wd-fN6AHR-jYQvGpUDeAaEhoGkjnGNEvmd8UQ==
3425.6f0935b2e215abb1.js
w.mmin.io/_next/static/chunks/ Frame 1A67
8 KB
4 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/3425.6f0935b2e215abb1.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a0012b5dcfe08919c97ab93c3874ad30e5827a0d6b21b3dab6d3efff9ddf902

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 7f51b3ed93bc3627f3061df07d24a090.cloudfront.net (CloudFront), 1.1 1c104af9dcb33e29b8c5ed9ebabafb86.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, HEL51-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 27 Sep 2023 10:57:38 GMT
server
cloudflare
etag
W/"9f34d0e81de84142ae2aa884d8a4390d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBtXgHYpU3FnWLAc6qF4wf28c15%2FTZUL5bHllC8x6E97A3MwrI1jw5IyhMYsVQ8cs4BFCIhhulhJLgzhUtuin0DXoS5l0iVtWiiQtZtpLNE82XmrLT9UBP1cow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe7891b807-RIX
x-amz-cf-id
f3_Cf7lhxMGwaWS2_dp_9p48KjjN5vLpV9dYOwMiFt2gYr3EUTi0pQ==
9746.e83292bb3a237030.js
w.mmin.io/_next/static/chunks/ Frame 1A67
9 KB
4 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/9746.e83292bb3a237030.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6b89eaeed8a27571d77afbd7758cb8f1849f13df2e78eeab4ea396e81ff974

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 13251067b4790a333f7c3d608025c66e.cloudfront.net (CloudFront), 1.1 cfd5f3f9049bdb2faa50d6a13e6adb78.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, ARN56-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 05 Oct 2023 00:29:33 GMT
server
cloudflare
etag
W/"ddd58daadfd318a562c4d2d2ffd8eac0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19UOgEyODs0jjFENpqDl8G6MNgunWRe8OpM38EKVYNnLSEHpsDYNlz0%2F72gf45veyoz%2FH%2FOl1nFx0%2BCzbKY5xDfg9QmnM%2BS9BNpX3kWtCezGMRNN%2FauEd4nzQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe7893b807-RIX
x-amz-cf-id
TjLYL2-SUfXStcmk_E6Y4Cfq2-lLWNph5h7C-Afjw1k0HRmeNEp74g==
852.30d8e5d40fd57157.js
w.mmin.io/_next/static/chunks/ Frame 1A67
1 KB
1 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/852.30d8e5d40fd57157.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7a9c0b7d1793ee17e59d95b00dcf775ca800a48b2397c0be2fd3674e7dc61d

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 746f6e170e429fc94de6ac30e08ca30c.cloudfront.net (CloudFront), 1.1 4aba10f1ef4bda5f7c1b86a07ca64264.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P4, HEL51-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 06 Sep 2023 10:14:01 GMT
server
cloudflare
etag
W/"4f25134eacaf861f0fd7c76c0d2f5d86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajrXYhmENtkSoY6KgGIWtBho%2FV2k8T%2BufleAx%2B%2BmLXBLDDHEcu3bBG%2BcZyXDtabd6dQh6QvHqMzAXo%2FWWU6lvRIyq4FeNH1q9MjbPISdh%2BHvQxuuZvV%2FP6S5NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe7895b807-RIX
x-amz-cf-id
X1PqlZxkmIzEVFlUYSd9Birty1E3GpZQV9eQLfq74aJYZqKDRWVvlw==
webpack-00e4cebd208c14a7.js
w.mmin.io/_next/static/chunks/ Frame 1A67
7 KB
4 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/webpack-00e4cebd208c14a7.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78450ec69f1f43be5a6f584ebff62a7f3dd8101697c235df6ba2837905f5feef

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 40867fef594010a8d9ec2cb0a5cb2350.cloudfront.net (CloudFront), 1.1 0078c2805bf98a4574ea5eee972aa9f6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
ORD58-P1, ARN56-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Fri, 06 Oct 2023 08:39:23 GMT
server
cloudflare
etag
W/"2ecb2db5e13a2a72af0e17cd149eb666"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vu2BG6w2r3TJQYlE5PkhikDFmaPxbBGFlmRfmDizyegTeJVgQi1qwtxUzWCx%2FGcIw1tntS%2Br1uAtWRydeeQLN8yEtI6FpF7zg2lTnUr6P%2Bebe3rwfpZ9%2FOQElg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe7897b807-RIX
x-amz-cf-id
HEZ1uF1_RYveKl4kZvY4F79-eBbZaUTTty5jNK-SzL2W9tPiO2xzdA==
framework-269384b49a926f76.js
w.mmin.io/_next/static/chunks/ Frame 1A67
127 KB
42 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/framework-269384b49a926f76.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e54a8faf23df54bd3f0a3b09089a638ea398a99f4923a7f224edc499fe2eff5

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 ede5c6921f45d3b45a7afce27d144cda.cloudfront.net (CloudFront), 1.1 0c7df46428c45dd75d01d31cc57c5d22.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, HEL50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 04 Jul 2023 07:09:00 GMT
server
cloudflare
etag
W/"d01732f061a19872af0e7f90750a81e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZqwDbGf3GiFXdOqfKchexok%2BuwkRZBwevLTEws6PZ98alCDGs5QGcvDSarY2TLB3Jj%2BEuuH%2FhX6PUnByTQjEzqCg3tib3MAr6km17pyMV3V48i2x8kyXIW%2BUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe789ab807-RIX
x-amz-cf-id
cdCZvaJe_stM6GdTmETS2bAfR7q0PA376gM8JRP-mGRAxBl25dKUKg==
main-afd3dd3f65b8f56d.js
w.mmin.io/_next/static/chunks/ Frame 1A67
103 KB
31 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/main-afd3dd3f65b8f56d.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e074d00cc3c69b34863f5a2cc7fa291c84f6bd0900fc79bf983ce4f17dad94b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 14d28a1cca01ee032df46e4f2653d0b6.cloudfront.net (CloudFront), 1.1 9b9a19a17f71baf11790ad734100cb88.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, ARN56-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Mon, 26 Jun 2023 18:53:20 GMT
server
cloudflare
etag
W/"472fb975ae7c360486a60569ce64c36f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXyZAnneD7CmYj8WzE0felAUC6IJCJ2pNMKoLkrA9WF72BSjj4XCuQCutawLKfQ97fPghosnDoc%2FSLoporOIHqHJSIE4DveN0wiLnSXVHpwzVsBgVaVUHlqwoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe789cb807-RIX
x-amz-cf-id
xlg3xoxYviE85YylMBpgcYlFflHU8kCQ7jK55EuWa1MYFAnuz4w3Dw==
_app-0cd12d18f8c7f71f.js
w.mmin.io/_next/static/chunks/pages/ Frame 1A67
268 KB
81 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/pages/_app-0cd12d18f8c7f71f.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a012e00cc6c9fea6a77b69d7758d25de92b83f4a9fb20b4354d7ee0daf9bfc6

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 c2c4c49c753f4fb31a27fc7309644516.cloudfront.net (CloudFront), 1.1 11b1425a6d4f554d768315c2301c82b2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, HEL51-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 10 Oct 2023 06:55:32 GMT
server
cloudflare
etag
W/"69ea4cf7722a8ce057e361e9e47df228"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpBgg7Nc6b3fx6pr6lBdf%2BH6anIPdKgfEpSItzDbhn2LPnkxZ9sQMsqrrseAAPvbgrG3Wfjyjne0iVjtCpI82vvaFxgzTykyQOBqekfriBg3p6rZ%2Bjx8idO78w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe789fb807-RIX
x-amz-cf-id
PPfRGpjF8GxzzRVvcO6xcrVsV9cBSViFFoowUjR6sp-GYxf69RgY3w==
horizontal-offers-c03dceab0e09aa67.js
w.mmin.io/_next/static/chunks/pages/ Frame 1A67
9 KB
4 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/pages/horizontal-offers-c03dceab0e09aa67.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22d06839445e8e5127b3f42c6129a3d4b7e1869c80647b7d4d948ea74a232ed

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 998c8f8dd9f34524398aa703daa84514.cloudfront.net (CloudFront), 1.1 1006b6fade1118dfc3284a26ac82fccc.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, HEL51-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 27 Sep 2023 10:57:39 GMT
server
cloudflare
etag
W/"18bb3ecbe1d4c9297ac29b6b8a606d7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FIUjFhy8b2hl6o8bmpNzG5VG80iCjPffwm2AvJp9xXTA3I7iT9Xq7D%2FmPERMgHMr%2BXIuiTQsKqBtnB%2FbP7MVR74CkYuNg3FDbZCyFHpFq%2F8ceBvqrLJ4sXR5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfe78a2b807-RIX
x-amz-cf-id
hXzNi4y8btG6jBwNTqk_rgc_gHm-_8coPq9hZAJD1zQtwb5RX9CX7g==
_buildManifest.js
w.mmin.io/_next/static/GQfggnwyfY2vkUnNPdlH-/ Frame 1A67
4 KB
2 KB
Script
General
Full URL
https://w.mmin.io/_next/static/GQfggnwyfY2vkUnNPdlH-/_buildManifest.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddac9c3e43934ee5886aeaaeea2a5b58b31f3d0dca35ff480065621b2f5bb59b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 14d28a1cca01ee032df46e4f2653d0b6.cloudfront.net (CloudFront), 1.1 15f101bbbd2c0af1fa1038ce000605c6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, HEL51-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 10 Oct 2023 06:55:32 GMT
server
cloudflare
etag
W/"2497d8de12e498993c541c9df918a58d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdQM84egjAxqv2r5hwTUFKxXym68GCv4nWfQAy4SxkCAfqZhv73%2FRxvvhay6idARTTDaV9n07FGpo2oIPurfZVBdAf5i3lLDkt4J2WZN1%2FqS1lmath60Gsb%2FCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfea921b807-RIX
x-amz-cf-id
YF7stW7d5Fx6JPrOWesZg8UmKnJiRnIqKd9PJbEpYbrsyg75c7i03g==
_ssgManifest.js
w.mmin.io/_next/static/GQfggnwyfY2vkUnNPdlH-/ Frame 1A67
198 B
696 B
Script
General
Full URL
https://w.mmin.io/_next/static/GQfggnwyfY2vkUnNPdlH-/_ssgManifest.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6941796b3ef2f1cd8a60dc8497dafb587a4a46633f6408e1d0bf5da906e7546b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 998c8f8dd9f34524398aa703daa84514.cloudfront.net (CloudFront), 1.1 45ff2040e09b26d7b6a62f48718e1406.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, HEL51-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 10 Oct 2023 06:55:32 GMT
server
cloudflare
etag
W/"a7ac2d94e3f0ec6488b8ac96c19b8a87"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tjA2U9a1FP%2FUCbnboIWuMLPU9gh62ZpmHE32F2NbqBDOnbQ3IqmfupwYm4cyTz%2F16sCpT%2FepNLfaZdFIsGKpxqH3A1fuF03VuLyNa4ITcUZv40h2r%2Bu%2B8nHHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576bfea925b807-RIX
x-amz-cf-id
sPFyAm1XopKsEHVEPAvYmOmmLqE1NyHjmwGLh6QbIO-mSr3vBenlug==
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ Frame 1A67
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://w.mmin.io/
Origin
https://w.mmin.io
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
81576bfedd7a2e15-ARN
AGSKWxUgPqloUsaoRdHYn35aF45AVMA287NuubAvqfecVT0VVB9IKxAsoRcvnkpO4H5s9r__D8Ef3koT821um_8ejGSom4oTE2ZTBpUzqXwfVif9XE-d1ry2QzG6UsaG_RpaQnoEFiVixQ==
fundingchoicesmessages.google.com/f/
309 KB
50 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUgPqloUsaoRdHYn35aF45AVMA287NuubAvqfecVT0VVB9IKxAsoRcvnkpO4H5s9r__D8Ef3koT821um_8ejGSom4oTE2ZTBpUzqXwfVif9XE-d1ry2QzG6UsaG_RpaQnoEFiVixQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3MTk4NDIyLDc0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9kZWNyeXB0LmNvLzExOTg2MS9mYmktbm9ydGgta29yZWEtbGF6YXJ1cy1ob3Jpem9uLWhhcm1vbnktYnJpZGdlLWhhY2siLG51bGwsW1s4LCJiUDVIRHBNVno1YyJdLFs5LCJlbi1VUyJdLFsxOSwiMSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bP5HDpMVz5c.es5.O/am=gAE/d=1/rs=AJlcJMykuiSVqUZuP-MosH2DfFjjt0MuMg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
058b10ee66670fce739c8cabe03b3b9476c625db6b107725adfaa23a5fd0e1a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uUIXDKH1dQ-W-Vsrzw6jVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-uUIXDKH1dQ-W-Vsrzw6jVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
e5893e085f1587ca97637d08a2bc2674523e06e950f896320ac3
superficialspring.com/
3 B
27 B
Fetch
General
Full URL
https://superficialspring.com/e5893e085f1587ca97637d08a2bc2674523e06e950f896320ac3
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.134.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.134.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 13 Oct 2023 12:00:22 GMT
via
1.1 google
x-buildnumber
1033761249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://decrypt.co
x-hostname
fen-hoothoot-europe-west1-spot-f2l1
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
73f6f52f-7862-49e7-bb85-ba93ab72cc00
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
3 KB
3 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/73f6f52f-7862-49e7-bb85-ba93ab72cc00?projectId=58ba09e3c80b1a336ae02b8cd7cf8636&sdkType=wcm&sdkVersion=js-2.6.1
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb9fb4000086474f84dcae9a54dd2862d09878bc505f1d4b5525755a5723eca9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=16+0 c=0+14 v=2023.7.3 l=2762
date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
3190
content-length
2762
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfRMNMx7h0m2-_fAD9P7SygyPPUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
81576bfedf8a5f0f-ARN
x-robots-tag
noindex
expires
Fri, 13 Oct 2023 18:00:22 GMT
a7f416de-aa03-4c5e-3280-ab49269aef00
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
2 KB
2 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/a7f416de-aa03-4c5e-3280-ab49269aef00?projectId=58ba09e3c80b1a336ae02b8cd7cf8636&sdkType=wcm&sdkVersion=js-2.6.1
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a824e4c63932ec7c2684c8c9554c84461efb5d731d15387d77bb5c3e78f9d5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=640+0 c=1+23 v=2023.7.3 l=2090
date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
4613
content-length
2090
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfeV6YXTHd_vyfarpvxqg62GCGUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
81576bfedf8d5f0f-ARN
x-robots-tag
noindex
expires
Fri, 13 Oct 2023 18:00:22 GMT
7e1514ba-932d-415d-1bdb-bccb6c2cbc00
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
3 KB
3 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/7e1514ba-932d-415d-1bdb-bccb6c2cbc00?projectId=58ba09e3c80b1a336ae02b8cd7cf8636&sdkType=wcm&sdkVersion=js-2.6.1
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9407c0251bd7b695a38698d04bbb15514ed472e11797aef7793b9acb2b04fcff
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=16+0 c=0+16 v=2023.7.3 l=2632
date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
4613
content-length
2632
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfmeYviP6kCNFgjEWLRBgPUJnDUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
81576bfedf8f5f0f-ARN
x-robots-tag
noindex
expires
Fri, 13 Oct 2023 18:00:22 GMT
c39b3a16-1a38-4588-f089-cb7aeb584700
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
5 KB
5 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/c39b3a16-1a38-4588-f089-cb7aeb584700?projectId=58ba09e3c80b1a336ae02b8cd7cf8636&sdkType=wcm&sdkVersion=js-2.6.1
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1562ed280e5486999bfa41e9eddf46996b078b54e14fff9748b427c793bc6969
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=17+0 c=0+9 v=2023.8.1 l=5054
date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
4613
content-length
5054
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfzxenqWecI6yJVG_C8-69sArsUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
81576bfedf915f0f-ARN
x-robots-tag
noindex
expires
Fri, 13 Oct 2023 18:00:22 GMT
9f259366-0bcd-4817-0af9-f78773e41900
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
7 KB
7 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/9f259366-0bcd-4817-0af9-f78773e41900?projectId=58ba09e3c80b1a336ae02b8cd7cf8636&sdkType=wcm&sdkVersion=js-2.6.1
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1962f56716c3fc8e93e593dd611f7b45a8632bacf8df45b56f9dcc5b3c10958
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=23+0 c=1+27 v=2023.8.1 l=7170
date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
4613
content-length
7170
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cftQTt3un0HlQqBazMK6bKNWLiUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
81576bfedf925f0f-ARN
x-robots-tag
noindex
expires
Fri, 13 Oct 2023 18:00:22 GMT
204b2240-5ce4-4996-6ec4-f06a22726900
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
9 KB
9 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/204b2240-5ce4-4996-6ec4-f06a22726900?projectId=58ba09e3c80b1a336ae02b8cd7cf8636&sdkType=wcm&sdkVersion=js-2.6.1
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32efe5b98531569d4ee92ffd791b6c3ad191a5178b224377fc427918ae4e2caf
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=15+0 c=3+20 v=2023.7.3 l=9300
date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
4613
content-length
9300
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfHSK7haDWQDA9lEEikk-9BEcPUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
81576bfedf935f0f-ARN
x-robots-tag
noindex
expires
Fri, 13 Oct 2023 18:00:22 GMT
b6ee4efc-f53e-475b-927b-a7ded6211700
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
9 KB
9 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/b6ee4efc-f53e-475b-927b-a7ded6211700?projectId=58ba09e3c80b1a336ae02b8cd7cf8636&sdkType=wcm&sdkVersion=js-2.6.1
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c8d2bda4f39810c8650a74cece803ff55b40bd234f9ca35068b6155e0bc7555
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=19+0 c=7+32 v=2023.7.3 l=9194
date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
4613
content-length
9194
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cf9TnuhjIqeWjX901zZxsJee5JUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
81576bfedf945f0f-ARN
x-robots-tag
noindex
expires
Fri, 13 Oct 2023 18:00:22 GMT
fbd441cc-e861-46dc-48ae-a04228ddb500
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
9 KB
10 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/fbd441cc-e861-46dc-48ae-a04228ddb500?projectId=58ba09e3c80b1a336ae02b8cd7cf8636&sdkType=wcm&sdkVersion=js-2.6.1
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9584c8da5e38495a93fa58ed0efe855fd33a41aa972bcd33ad1d867828964517
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=30+0 c=4+28 v=2023.7.3 l=9660
date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
4613
content-length
9660
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfFJ943IWAd-AliTnsJ2QbJY_MUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
81576bfedf955f0f-ARN
x-robots-tag
noindex
expires
Fri, 13 Oct 2023 18:00:22 GMT
7fd5a23a-3a01-4cfb-3c8b-9f43ae414400
explorer-api.walletconnect.com/w3m/v1/getWalletImage/
13 KB
13 KB
Image
General
Full URL
https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/7fd5a23a-3a01-4cfb-3c8b-9f43ae414400?projectId=58ba09e3c80b1a336ae02b8cd7cf8636&sdkType=wcm&sdkVersion=js-2.6.1
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c2edc5a337a9567c3f3aaa1633d55cbcfb18a2e244f69426c4a408c24b56c0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=671+0 c=1+29 v=2023.7.3 l=13372
date
Fri, 13 Oct 2023 12:00:22 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
4613
content-length
13372
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfRafM7wSd8-Qni9A0q6y28FCOUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
81576bfedf965f0f-ARN
x-robots-tag
noindex
expires
Fri, 13 Oct 2023 18:00:22 GMT
publishertag.prebid.132.js
static.criteo.net/js/ld/
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Oct 2023 12:00:23 GMT
css
fonts.googleapis.com/
69 KB
4 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bP5HDpMVz5c.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwdsYbxRH-P5gRB9bCCz3o0fkurag/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
ESF /
Resource Hash
2cad1c8be3f8f84a05361f5b560fbd93895541c6da9de09b995ee742f0b4c6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Oct 2023 12:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 12:00:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Oct 2023 12:00:23 GMT
NM1SttzMAJi5vmorMJz7h9W8YUavAIz2v_t062uNnsrRUVQK9LCFWIoz_45k1LxJ96Uk0uhJ59Wd5IaGAyNGPT9AKI6wjBo84T1naYDZw1mBCB1Lnxs=h60
lh3.googleusercontent.com/
2 KB
3 KB
Image
General
Full URL
https://lh3.googleusercontent.com/NM1SttzMAJi5vmorMJz7h9W8YUavAIz2v_t062uNnsrRUVQK9LCFWIoz_45k1LxJ96Uk0uhJ59Wd5IaGAyNGPT9AKI6wjBo84T1naYDZw1mBCB1Lnxs=h60
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
fife /
Resource Hash
553fc7c7cd881783ed531f223660125e4bb4da4e6001271833a280301b54828f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 10:49:51 GMT
x-content-type-options
nosniff
age
4232
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2479
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 14 Oct 2023 10:49:51 GMT
QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v19/ Frame 1A67
49 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
ea0a3347586d6655b46a02ad49e267649273207f1099d548e069cae4b7b2bc61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w.mmin.io/
Origin
https://w.mmin.io
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:23:02 GMT
x-content-type-options
nosniff
age
63441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50560
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:34:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:23:02 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://decrypt.co/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 09:56:40 GMT
x-content-type-options
nosniff
age
266623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Oct 2024 09:56:40 GMT
AGSKWxXX3-iVnhGWtmdEPEwHgopvXBdooKZmvNWx0NYUU86XfRPet2hlVTkL08bF3ObDoz7_b6fQQbzMF9mHAjgMvOccJdik19sB-mKFiMS4n0-ZNy3Qs_mJxUOpr7Ec9oJLVMyo86dMkQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXX3-iVnhGWtmdEPEwHgopvXBdooKZmvNWx0NYUU86XfRPet2hlVTkL08bF3ObDoz7_b6fQQbzMF9mHAjgMvOccJdik19sB-mKFiMS4n0-ZNy3Qs_mJxUOpr7Ec9oJLVMyo86dMkQ==
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RxOoyP_tjgmtqgdjqFAFMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
content-security-policy
script-src 'report-sample' 'nonce-RxOoyP_tjgmtqgdjqFAFMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://decrypt.co
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
o409492.ingest.sentry.io/api/5620486/envelope/ Frame 1A67
2 B
333 B
Fetch
General
Full URL
https://o409492.ingest.sentry.io/api/5620486/envelope/?sentry_key=1ea9c1f5b0e64bc4b3eb45ef07838aed&sentry_version=7
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/_next/static/chunks/pages/_app-0cd12d18f8c7f71f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://w.mmin.io/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
getV2PremiumWithCustomOffers
us-central1-benchmark-media.cloudfunctions.net/ Frame 1A67
48 KB
15 KB
XHR
General
Full URL
https://us-central1-benchmark-media.cloudfunctions.net/getV2PremiumWithCustomOffers?source=decryptco&responseVersion=v3
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/_next/static/chunks/pages/_app-0cd12d18f8c7f71f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d93aba0000258a95bc20fb64c8fda214b07add40da84a783871601a319dfb80c

Request headers

Accept
application/json
Referer
https://w.mmin.io/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
content-encoding
gzip
server
Google Frontend
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
e669e65768cd4d7f7535ae907e34c3d9
cache-control
private
access-control-allow-credentials
true
function-execution-id
yb9pmg8rtakt
detected-country
SE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
14686
last-cache-update-timestamp
1697198411074
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
analytics.js
www.google-analytics.com/ Frame 1A67
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/_next/static/chunks/pages/_app-0cd12d18f8c7f71f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 11:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
530
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 13 Oct 2023 13:51:33 GMT
decryptco
api.widgets-data.moneymade.io/api/v1/domains/ Frame 1A67
2 KB
1 KB
XHR
General
Full URL
https://api.widgets-data.moneymade.io/api/v1/domains/decryptco
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/_next/static/chunks/pages/_app-0cd12d18f8c7f71f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
971cc68c80406fb0b59f70d1f515940a38617a2ade2c3267f7ef3c19dd2c9158

Request headers

Accept
application/json
Referer
https://w.mmin.io/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"743-hcRGZKhgeo4K928jGeNA652IucA"
x-powered-by
Express
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bApC7io4b%2BVN5Np2SSjDGEDuCCvaRZON%2FBo68xp7tlvKB1V5FSGzxpyCupYz7tVUrdjbrxgI4%2FT8nuYGHkQiuZrvWyvQ%2Fna8jJEu52w%2BHqhXsisBFmQT2FFR%2BB2y7VVlmFoWHpWMHwmFg4yWPm8W"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w.mmin.io
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
cf-ray
81576c017a802e09-ARN
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://decrypt.co
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:17:53 GMT
x-content-type-options
nosniff
age
63750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:17:53 GMT
collect
www.google-analytics.com/ Frame 1A67
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=886647656&t=event&_s=1&dl=https%3A%2F%2Fw.mmin.io%2Fhorizontal-offers%3Fprofile%3Ddecryptco1%26frameId%3Dmm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c%26sid%3Duser_13e8fdb5-1e3f-16a4-1630-1162a623ed71%26pitchUrl%3Dhttps%253A%252F%252Fdecrypt.co%252F119861%252Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack%26utm_campaign%3DhorizontalOffers%26utm_medium%3Dhttps%253A%252F%252Fdecrypt.co%252F119861%252Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack%26utm_source%3Ddecryptco&dr=https%3A%2F%2Fdecrypt.co%2F&ul=en-us&de=UTF-8&dt=Moneymade%20Widgets&sd=24-bit&sr=1600x1200&vp=609x150&je=0&ec=Decryptco&ea=widgetImpression&el=Horizontal-Offers&_u=IEAAAAABAAAAAAAAAE~&cid=415318786.1697198423&tid=UA-148517382-4&_gid=410401866.1697198423&z=227029596
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 23:48:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43894
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 1A67
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=886647656&t=pageview&_s=2&dl=https%3A%2F%2Fw.mmin.io%2Fhorizontal-offers%3Fprofile%3Ddecryptco1%26frameId%3Dmm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c%26sid%3Duser_13e8fdb5-1e3f-16a4-1630-1162a623ed71%26pitchUrl%3Dhttps%253A%252F%252Fdecrypt.co%252F119861%252Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack%26utm_campaign%3DhorizontalOffers%26utm_medium%3Dhttps%253A%252F%252Fdecrypt.co%252F119861%252Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack%26utm_source%3Ddecryptco&dr=https%3A%2F%2Fdecrypt.co%2F&dp=%2Fhorizontal-offers%3Fprofile%3Ddecryptco1%26frameId%3Dmm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c%26sid%3Duser_13e8fdb5-1e3f-16a4-1630-1162a623ed71%26pitchUrl%3Dhttps%253A%252F%252Fdecrypt.co%252F119861%252Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack%26utm_campaign%3DhorizontalOffers%26utm_medium%3Dhttps%253A%252F%252Fdecrypt.co%252F119861%252Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack%26utm_source%3Ddecryptco&ul=en-us&de=UTF-8&dt=Moneymade%20Widgets&sd=24-bit&sr=1600x1200&vp=609x150&je=0&_u=IEAAAAABAAAAAAAAAE~&cid=415318786.1697198423&tid=UA-148517382-4&_gid=410401866.1697198423&z=431479238
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 23:48:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43894
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 1A67
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=886647656&t=pageview&_s=3&dl=https%3A%2F%2Fw.mmin.io%2Fhorizontal-offers%3Fprofile%3Ddecryptco1%26frameId%3Dmm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c%26sid%3Duser_13e8fdb5-1e3f-16a4-1630-1162a623ed71%26pitchUrl%3Dhttps%253A%252F%252Fdecrypt.co%252F119861%252Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack%26utm_campaign%3DhorizontalOffers%26utm_medium%3Dhttps%253A%252F%252Fdecrypt.co%252F119861%252Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack%26utm_source%3Ddecryptco&dr=https%3A%2F%2Fdecrypt.co%2F&dp=%2Fhorizontal-offers%3Fprofile%3Ddecryptco1%26frameId%3Dmm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c%26sid%3Duser_13e8fdb5-1e3f-16a4-1630-1162a623ed71%26pitchUrl%3Dhttps%253A%252F%252Fdecrypt.co%252F119861%252Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack%26utm_campaign%3DhorizontalOffers%26utm_medium%3Dhttps%253A%252F%252Fdecrypt.co%252F119861%252Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack%26utm_source%3Ddecryptco&ul=en-us&de=UTF-8&dt=Moneymade%20Widgets&sd=24-bit&sr=1600x1200&vp=609x150&je=0&_u=IEAAAAABAAAAAAAAAE~&cid=415318786.1697198423&tid=UA-148517382-4&_gid=410401866.1697198423&z=594754709
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 23:48:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43894
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
ev.moneymade.io/ Frame 1A67
0
306 B
XHR
General
Full URL
https://ev.moneymade.io/
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/_next/static/chunks/pages/_app-0cd12d18f8c7f71f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://w.mmin.io/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:27 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfKzCZ7ZQefWnf0fH%2B%2FKn5p9CR61tWlbc82d24mOeatjS1cXk86Xf8lvtceaAHt5TPZ5P10RqyQrpL2cwA%2F%2BZBcu1Q0OCCmXNFxZRa7%2F2S%2BcJWmmn4g7qhFVinhQ48JzPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
b2fb0c52d55a6413f5270ef3eaa93336;o=1
cache-control
no-cache
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
cf-ray
81576c038d990a19-ARN
/
ev.moneymade.io/ Frame
0
0
Preflight
General
Full URL
https://ev.moneymade.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://w.mmin.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81576c022b840a19-ARN
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 12:00:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AprNZmXjZo%2Fp5BC%2BYLt%2B60r8QgeMlgMbUBpRduqSytr3YL9RBGzp4L52GNccvQPUAM%2BOiKqzrHMbE%2B7qx%2BzHeJN9soj6XXA4CD6x75Tb4XFblyNGqqaSw9WeHnu6YH0xJw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Access-Control-Request-Headers
x-cloud-trace-context
9f23bd8243364f3717e54efe0535f618
x-content-type-options
nosniff
rum
w.mmin.io/cdn-cgi/ Frame 1A67
0
178 B
XHR
General
Full URL
https://w.mmin.io/cdn-cgi/rum?
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/_next/static/chunks/pages/_app-0cd12d18f8c7f71f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
application/json

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://w.mmin.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
81576c01e911b807-RIX
nr-rum-1.244.0.min.js
js-agent.newrelic.com/
44 KB
16 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-rum-1.244.0.min.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2c484ecff83da72450d8aff99257eba9f37e56993235964f531837ccc858fe9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
yEx9eB3c05Rm_rCggwHan_NQbue3xxEr
content-encoding
br
via
1.1 varnish
date
Fri, 13 Oct 2023 12:00:23 GMT
strict-transport-security
max-age=300
x-amz-request-id
DYP7JAFBADX8MDKQ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15690
x-amz-id-2
j6/NUDBRXt0FlX/TG5S+uTtFV7e8wrlyuLZkqTWmSHPqfkQVPO4vyCBjA3Qaeyj9mdUGv4cMTYM=
x-served-by
cache-bma1683-BMA
last-modified
Wed, 11 Oct 2023 22:06:04 GMT
server
AmazonS3
x-timer
S1697198423.477421,VS0,VE0
etag
"5d0bc0d4b4228d6a6663322e6c09a48d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
12626
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F70F) /
Resource Hash
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 12:00:23 GMT
Content-Encoding
gzip
Age
746
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27598
Last-Modified
Mon, 09 Oct 2023 20:29:49 GMT
Server
ECS (ska/F70F)
Etag
"391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
simple-embed-connect.min.js
public.dispatch.co/scripts/
2 MB
454 KB
Script
General
Full URL
https://public.dispatch.co/scripts/simple-embed-connect.min.js
Requested by
Host: decrypt.co
URL: https://decrypt.co/_next/static/chunks/main-0d39d5d33f21d218.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.245 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baf4fde8e66544021f0ceae1f48f8d1edb33bc1b0bed7d051ba4423aca155c5f

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 12:00:23 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
mdfkM5MZiD/Uv3ECei0zkw==
age
4906
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 23:13:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
x-ms-request-id
b73df18f-801e-0032-697a-c16ed1000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
81576c039c559930-ARN
expires
Fri, 13 Oct 2023 16:00:23 GMT
3913-2c6e36278eb5ed01.js
w.mmin.io/_next/static/chunks/ Frame 1A67
17 KB
6 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/3913-2c6e36278eb5ed01.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/_next/static/chunks/webpack-00e4cebd208c14a7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68c6d5e89006af6b3565a2f81aeed985564ab54cf6932853746704ae6703ee14

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 7f1a329755833afcafe212b7fd6a065e.cloudfront.net (CloudFront), 1.1 95ad0c949c0fe7e97075c6690b8574aa.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, HEL51-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 06 Sep 2023 15:28:32 GMT
server
cloudflare
etag
W/"aa054795372d1926c85a325d80a0c2cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0fCNwuSQfXMz6D4F3cPg0qzi3kBRJyFZXZej7%2BRk7r%2BDG1%2FYSjw4ZLi9cAVntNe%2FYrys4zMGl%2FiACkV7G1vjZwSBLeI%2FQrn9b0XGRoHHMyYog30Xi5xzCZL%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576c031c11b807-RIX
x-amz-cf-id
ylYXPL-3gq8HFGn7Q1nvLh5r0nGiGyJWW9MNckf9xYSE0FNs3NPXJw==
6066-33de9d58fd24f489.js
w.mmin.io/_next/static/chunks/ Frame 1A67
61 KB
17 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/6066-33de9d58fd24f489.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/_next/static/chunks/webpack-00e4cebd208c14a7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e09adc349a4ec0b092c5ad5163279fab9a1471f9838c3445376d8201447f9d

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 998c8f8dd9f34524398aa703daa84514.cloudfront.net (CloudFront), 1.1 6b590e690e32695caa633ab770319d74.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, ARN56-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 06 Sep 2023 15:28:32 GMT
server
cloudflare
etag
W/"b1fecbd5e6bb599516292147d3e3a68e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0iG6KvRpmS65F0aY%2B8AO%2FVguwlr3mi3acHE4min5MTc3VYULvQNikclIo38SyaZYzdLqDtAH61vg8KbbZ3bg2E8WxG7bwV%2BY3xlHXTrUNa%2FhvEdcJd5fSCbEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576c031c16b807-RIX
x-amz-cf-id
By46gQDOXdCpqN4Ok7JbwNfvqmLuIgqZcicRpwCDFMX4UtLOJvWs1w==
5036eb6b18862981.css
w.mmin.io/_next/static/css/ Frame 1A67
15 KB
3 KB
Stylesheet
General
Full URL
https://w.mmin.io/_next/static/css/5036eb6b18862981.css
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/_next/static/chunks/webpack-00e4cebd208c14a7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecee46e8b9c255353e925702a4a8d296efcaf23bcde8332bf43ef50c6815976

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 7f1a329755833afcafe212b7fd6a065e.cloudfront.net (CloudFront), 1.1 5189ed92462b822bc9c8a27ceed0cb4e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CMH68-P5, ARN56-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 13 Sep 2023 07:12:34 GMT
server
cloudflare
etag
W/"da4ae21d7142121ed0e858d5a17fed5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acaDqY1KKucOaZegrRhgg00hApnMbh7w9mlRBFDEI8wl2wTyWqKd4ZESILKrh9ZZPUkZqKxD5LMKGsg3mif9Y027QTKJBagF%2BoIbDlRwsPIwuAdInH1ohIQFBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576c031c1cb807-RIX
x-amz-cf-id
3FC8kE8lkf3jy7uSLwKTJZxWaBUJ1CbVOu-J4yCfFhqUP-CDEtZ5yQ==
9820.11d344ea63da37cd.js
w.mmin.io/_next/static/chunks/ Frame 1A67
8 KB
4 KB
Script
General
Full URL
https://w.mmin.io/_next/static/chunks/9820.11d344ea63da37cd.js
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/_next/static/chunks/webpack-00e4cebd208c14a7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
197589421fd20148662a37c088876fe53ca3930f5f62cedccba05b912da9327a

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/horizontal-offers?profile=decryptco1&frameId=mm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c&sid=user_13e8fdb5-1e3f-16a4-1630-1162a623ed71&pitchUrl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_campaign=horizontalOffers&utm_medium=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&utm_source=decryptco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
via
1.1 81e839ce31651517fdd5c593655bd0d6.cloudfront.net (CloudFront), 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
ORD58-P1, ARN56-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 04 Oct 2023 11:21:04 GMT
server
cloudflare
etag
W/"6b52f814a27d5b3f9239882300ca0d7a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxfKsz47XG0QkESz9W0BkvQOLE7qXogGoAsYHHdd1QODSuP8oNvB4G%2BmL%2FYCbR9JWkuPuQe5Cu0zFMrakPht7oCFPphFr53d4EkcfMVupRSO9KukBLQwbXGDlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=43200, immutable, s-maxage=2
cf-ray
81576c031c1db807-RIX
x-amz-cf-id
mpxqvwLuJu-bO4CsKWrAOnilRu_M4T6nRCyVxZc9SnKbjlhQD_oKVw==
NRBR-1e6eb6b8d0e89352dae
bam.nr-data.net/1/
40 B
392 B
XHR
General
Full URL
https://bam.nr-data.net/1/NRBR-1e6eb6b8d0e89352dae?a=264322964&v=1.244.0&to=MwYDMRRRVxIEWkwNVgpMJB0WQlwSFlNLS34hN05KXFxWAgRVXUxcFx8HFxpRS0haFgIUVhcXPgwCGGJRSABlTxBMTFsWCkVeSFo%3D&rst=3879&ck=0&s=235ccdd59bb08aeb&ref=https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack&tt=42ea9f901e49d794&ap=355.050712&be=1113&fe=2647&dc=758&perf=%7B%22timing%22:%7B%22of%22:1697198419636,%22n%22:0,%22f%22:0,%22dn%22:10,%22dne%22:10,%22c%22:10,%22s%22:60,%22ce%22:114,%22rq%22:114,%22rp%22:1114,%22rpe%22:1337,%22di%22:1429,%22ds%22:1871,%22de%22:1871,%22dc%22:3755,%22l%22:3756,%22le%22:3760%7D,%22navigation%22:%7B%7D%7D&fp=1362&fcp=1362
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://decrypt.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-bma1678-BMA
collect
www.google-analytics.com/ Frame 1A67
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=886647656&t=event&_s=4&dl=https%3A%2F%2Fw.mmin.io%2Fhorizontal-offers%3Fprofile%3Ddecryptco1%26frameId%3Dmm-widget_1dd7efb0-1e51-1137-1b57-1253f970673c%26sid%3Duser_13e8fdb5-1e3f-16a4-1630-1162a623ed71%26pitchUrl%3Dhttps%253A%252F%252Fdecrypt.co%252F119861%252Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack%26utm_campaign%3DhorizontalOffers%26utm_medium%3Dhttps%253A%252F%252Fdecrypt.co%252F119861%252Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack%26utm_source%3Ddecryptco&dr=https%3A%2F%2Fdecrypt.co%2F&ul=en-us&de=UTF-8&dt=Moneymade%20Widgets&sd=24-bit&sr=1600x1200&vp=609x150&je=0&ec=WidgetInSession&ea=horizontalOffers&_u=KEAAAAABAAAAAAAAAE~&cid=415318786.1697198423&tid=UA-148517382-4&_gid=410401866.1697198423&z=600361903
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 23:48:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43894
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
MM-Symbols.woff
assets.moneymade.io/fonts/MMIconFont/ Frame 1A67
52 KB
29 KB
Font
General
Full URL
https://assets.moneymade.io/fonts/MMIconFont/MM-Symbols.woff
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/_next/static/css/59dd90c9b7bae9ce.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c041863f2b4f0e115790fd4bc4279b51efb76c68f496f866412c7be7274fb426

Request headers

Referer
https://w.mmin.io/
Origin
https://w.mmin.io
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3387
x-guploader-uploadid
ADPycdu2u0EPJL4gvxb6BBkXL7r2yv3SrSRfKnxAIQaPQRH99oSFMEq2nhxlbd5URFy5VvAJVT1qtOVSzF0Ki3mISy-f8A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Wed, 31 Aug 2022 10:00:55 GMT
server
cloudflare
etag
W/"9d141660509d98d451231b297b8f2a04"
vary
Accept-Encoding
x-goog-hash
crc32c=NbWMJQ==, md5=nRQWYFCdmNRRIxspe48qBA==
x-goog-generation
1661940055902734
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-resumable
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc0Hu9PsOTLBOxCsbDUajOhUogicG%2BLsFNYeGsz2VinBeW6UZrhUrC1wkmUkSjKfYvQNFSrd%2FpaDspWBiNa5Eukpq9YFZx0Cvb2WgIVsC%2B5mkenFeehLUGsxw4BJOjD5dT8HrGs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
53144
cf-ray
81576c03b8040a2b-ARN
/
ev.moneymade.io/ Frame 1A67
0
284 B
XHR
General
Full URL
https://ev.moneymade.io/
Requested by
Host: w.mmin.io
URL: https://w.mmin.io/_next/static/chunks/pages/_app-0cd12d18f8c7f71f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://w.mmin.io/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:23 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqKXjH%2Fi7NzDlkuR8eVLuP4%2BgsPIUaBLcTBqPg0kUTOhqax7tz0uWazhjwTrkIoUf1o%2B5kvQnZrSY2%2FJ%2FrfY6n2S2kv6ZOvkMyKqqTa%2BfnAFk0vVBXmgSWPKfAU0IJWrWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
a7d68155299bab8513259d33cf2cec59
cache-control
no-cache
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
cf-ray
81576c04af0e0a19-ARN
/
ev.moneymade.io/ Frame
0
0
Preflight
General
Full URL
https://ev.moneymade.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://w.mmin.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81576c035d520a19-ARN
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 12:00:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMUG%2BCZP2t2I%2BMTGjWpYQKs3NttBi9vShNeSBvpDWic4TDwUAEY5rkq8zeD6uBijqjlEdHlTUCro8kpXu8XrBzy0yA2wR8Ux5FO2iGrXTtxf2%2Bs4KC4pXa65E7GsOxosGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Access-Control-Request-Headers
x-cloud-trace-context
6cbe1f604ed202f1f67118f5a4587010
x-content-type-options
nosniff
widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html
platform.twitter.com/widgets/ Frame 0861
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fdecrypt.co
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F704) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://decrypt.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
314871
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Oct 2023 12:00:23 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (ska/F704)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame 0861
869 B
657 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=631410dfe0ab30624bd5429bf2091f8383db533a
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fdecrypt.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
104
date
Fri, 13 Oct 2023 12:00:23 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 13 Oct 2023 12:00:23 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
c8e9aea9bdc3cc4b
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
13d6c7943ba528701594413013461e33faf7d723a030440cb220bb4e0aa4cc93
content-length
337
embedded-wallet
withpaper.com/sdk/2022-08-12/ Frame 7005
39 KB
7 KB
Document
General
Full URL
https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Requested by
Host: public.dispatch.co
URL: https://public.dispatch.co/scripts/simple-embed-connect.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.232.33.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-33-101.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2027835fd8ad2db231b8e32d013bfdee62991836da3e45b36c9436f8ab878edc

Request headers

Referer
https://decrypt.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 12:00:24 GMT
etag
"hgdi8y5kfjuoa"
vary
Accept-Encoding
thumbnail_CS_New_Vertical_mono_c2_f1b969c0a7.png
static.moneymade.io/thumbnail_CS_New_Vertical_mono_c2_f1b969c0a7/ Frame 1A67
11 KB
12 KB
Image
General
Full URL
https://static.moneymade.io/thumbnail_CS_New_Vertical_mono_c2_f1b969c0a7/thumbnail_CS_New_Vertical_mono_c2_f1b969c0a7.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9029db23f4f85ccc165baad7b1faacd6dbf338374ec896e968d97bc0d53c8eb6

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:24 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491
cf-polished
origSize=14353, status=vary_header_present
x-guploader-uploadid
ADPycdsMNrgGqxqMk6W8728Dfk1GX86nIBnDPEHkK06zGwcfjhaEI6sr9nXooeL47IQVWlmaTCNhoG37wf6tYkUNTt7eHnHsC-1o
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="thumbnail_CS New__Vertical_mono_c2.png"
content-length
11225
cf-bgj
imgq:100,h2pri
last-modified
Sun, 28 Aug 2022 02:52:01 GMT
server
cloudflare
etag
"ef71b12979ac44b4867df28c50872d72"
vary
Origin, Accept-Encoding
x-goog-generation
1661655121207035
content-type
image/png
x-goog-hash
crc32c=CiZHsA==, md5=73GxKXmsRLSGffKMUIctcg==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7j2AcjmQdScybpe8tU81iWbD%2FCmDyVCuoZNngA%2BLUFhf7WHCnUdwREHTKva2IOn%2Byn6sbesZ8McpboXb%2B776jSNPv8ekuUvMT04sWTuxP7mj5yVvWrUj7z7CSzodlbevwkskls%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
14353
accept-ranges
bytes
cf-ray
81576c06e826b80f-RIX
thumbnail_ef8b42e4_6fc5_47d9_bfc3_450b6d117039_7ae3423a3f
static.moneymade.io/thumbnail_ef8b42e4_6fc5_47d9_bfc3_450b6d117039_7ae3423a3f/ Frame 1A67
3 KB
3 KB
Image
General
Full URL
https://static.moneymade.io/thumbnail_ef8b42e4_6fc5_47d9_bfc3_450b6d117039_7ae3423a3f/thumbnail_ef8b42e4_6fc5_47d9_bfc3_450b6d117039_7ae3423a3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c045842455f98f786dbe3d7150e9e9751e918f86d686ced5ede8a85e8387630

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-guploader-uploadid
ADPycdu8OlssYVGaV0GKFHJHdBdi7s5m6lSd01V0fx3EV0TfjkfnL4RJ7eWW2aEhPUUqSUc-6WkkWGsXbS1iMmMZz01R_Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1649253386116253
content-disposition
inline; filename="thumbnail_ef8b42e4-6fc5-47d9-bfc3-450b6d117039"
content-length
2670
last-modified
Wed, 24 Aug 2022 21:18:13 GMT
server
cloudflare
etag
"18a4028ff63c6014a34086c283dfebaa"
vary
Origin
x-goog-generation
1661375892990261
content-type
image/jpeg
x-goog-hash
crc32c=yKS4lQ==, md5=GKQCj/Y8YBSjQIbCg9/rqg==
cache-control
public,max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtMxFHgjeCG7sK%2Bcske10KFwvfZouAt%2F7tSdYRDjndR8qJZhbpo6ZG6XV5x9o3DDkZXEoT%2BiBQSolKsCuRE2s%2F3qMQYimwR82Z5%2B8bLZp1vxK9atzKQScMuIWMs8%2BWl7fDDOH6o%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
2670
accept-ranges
bytes
cf-ray
81576c06e82eb80f-RIX
thumbnail_25b4e1f0_a510_44c2_89be_4d0bb24bef4a_a39979ec26
static.moneymade.io/thumbnail_25b4e1f0_a510_44c2_89be_4d0bb24bef4a_a39979ec26/ Frame 1A67
3 KB
4 KB
Image
General
Full URL
https://static.moneymade.io/thumbnail_25b4e1f0_a510_44c2_89be_4d0bb24bef4a_a39979ec26/thumbnail_25b4e1f0_a510_44c2_89be_4d0bb24bef4a_a39979ec26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b4c0f06de2af30b0d26b6360eff4eea02c2acf1cfc87d4f3266fc3e02a68dac

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://w.mmin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
379
x-guploader-uploadid
ADPycdukp5sLfJ1-89a454md_DuGq3I6P2tWJmU6wP8HEXh1KqgWTY-mjfqIkF_VNyW8D8K_U82_zHEqqJOkED08ngP1ueXNyGOm
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1649254089537321
content-disposition
inline; filename="thumbnail_25b4e1f0-a510-44c2-89be-4d0bb24bef4a"
content-length
3038
last-modified
Wed, 24 Aug 2022 21:17:59 GMT
server
cloudflare
etag
"f0d560981f799994de4506184a334d94"
vary
Origin
x-goog-generation
1661375879426988
content-type
image/jpeg
x-goog-hash
crc32c=D5Gu6g==, md5=8NVgmB95mZTeRQYYSjNNlA==
cache-control
public,max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iIX%2BxAXcqOXjiVZUPXoohSgBvufqU2R0dQljzMT%2BJT%2Bi3SOXvRqw%2FL3fxckcYh4VgD%2FfuQIlNicWyjQ3gx1UjhQ0dv34JHUtDIo%2BWObxybaZMNbETgrwRHTSCmJEuLcnsyrEyw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3038
accept-ranges
bytes
cf-ray
81576c06e830b80f-RIX
truncated
/
78 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21740a7be0698666aa1644259ebeea93df405ee9e6a59e331e6dbd032b8b97f3

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gateway.decrypt.co/
437 B
879 B
Fetch
General
Full URL
https://gateway.decrypt.co/?variables=%7B%22filters%22%3A%7B%22taxonomy%22%3A%7B%22eq%22%3A%22DEFINITION%22%7D%2C%22slug%22%3A%7B%22eq%22%3A%22ipfs%22%7D%7D%2C%22pagination%22%3A%7B%22pageSize%22%3A1%7D%7D&operationName=Terms&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%220a6378af45429e7f54ee1adb04d53e1254ec0d36ba7bb6e264972408780ebf43%22%7D%7D
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd2770261d17331f0f5b61efa78bdfca626de50b0e185702a22de50ba67da863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://decrypt.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:24 GMT
via
1.1 varnish (Varnish/7.0)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT
server
cloudflare
etag
W/"1b5-9krLOYRToSA6uFP6hqfdam/z1qU"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQZQsMX6ZE%2BM2IqNtQjIboA3rkz%2BOl00b9JM8ixSzGbHHQrNl9sxzxrleOgYZEMradHSLYnP5qzl2DmFDhG9dOHaUn%2BIIZEDwaqcB7tl2g1Nsbvg5iV6SSsMmox7bmWD4gm0ew%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
738150956 744695124
access-control-allow-origin
https://decrypt.co
content-type
application/json; charset=utf-8
cache-control
max-age=300, s-maxage=300, public
access-control-allow-credentials
true
cf-ray
81576c067a151c87-AMS
445d49139fa59fa8.css
assets.withpaper.com/_next/static/css/ Frame 7005
2 KB
1 KB
Stylesheet
General
Full URL
https://assets.withpaper.com/_next/static/css/445d49139fa59fa8.css
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f7fa452a755e2a802c1211e81129128db8510c74eee0def46702518885e269e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
EoqoYIAEOTuElZ998dLs_jp9a25vHieH
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 07:46:00 GMT
last-modified
Fri, 06 Oct 2023 22:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
32229
x-amz-server-side-encryption
AES256
etag
W/"03a5428fb3090b39457caf08863610a8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
jFgd9veIENDuM3y9s4-zdu7QtAFGOkT-SXozj3WkJt0F-ryO2HM9kw==
webpack-99dcf14c645b6196.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
7 KB
4 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/webpack-99dcf14c645b6196.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7c62ee64ae8097484b8a7b0e25ca1e174f9e7a79ec0cd2ea6aaf2fa2ac0d149

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
xMJW5KxG6iFJoyK.RtpHf6hy6xVoOHov
content-encoding
br
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Thu, 12 Oct 2023 21:16:59 GMT
last-modified
Wed, 11 Oct 2023 21:15:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
53014
x-amz-server-side-encryption
AES256
etag
W/"188dc0b93663fffcea111e3390e762c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
FR4uL2vObXJEoo8Qnz3W8Gj1Ld3CatBbjQ3OEnPe1I1iMGsL9nsA2g==
framework-ce84985cd166733a.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
138 KB
45 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/framework-ce84985cd166733a.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21e67844bd44af52119de8c22c866e82cbc0c8e38a3ed317efb1c418422b6d4a

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
j8zOHXYxRhRcjhdxSWSLHnQYZZBN94XX
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 07:46:00 GMT
last-modified
Fri, 06 Oct 2023 22:52:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
24437
x-amz-server-side-encryption
AES256
etag
W/"7139a33e17faa89b1ea96aeb70592ad5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
dZdTBXt3rwsXLVJ9JAqHzIlr19jrm48xYYUQ_5j0Vk8KpoZJZv98Ig==
main-08803d0ae70a27a3.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
107 KB
32 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/main-08803d0ae70a27a3.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9122a54cd3e00002284794752e7a02513146bd60b8713227003f9088c0c28a3

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
bGR6O0SzPsI2uHHA1vNlt5.dnTgdNfZo
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 03:24:24 GMT
last-modified
Fri, 06 Oct 2023 22:52:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
30961
x-amz-server-side-encryption
AES256
etag
W/"f7be7fe0c4c64e282683617c65c5e300"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
JP7PmVwq3Up_GWW4RnkTnqZzZIb5hKXGS673YHNP7ngwPp2eNbDZkg==
_app-9c2def39f8776589.js
assets.withpaper.com/_next/static/chunks/pages/ Frame 7005
4 MB
842 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/pages/_app-9c2def39f8776589.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d91ab5dd8558acbac1d07624b3cb0f5a421325187786006e9ec94efc26d88844

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 23:44:55 GMT
x-amz-version-id
CA3YX0rmjNltyYvOf4k0DT10y40DkJpV
content-encoding
br
last-modified
Thu, 12 Oct 2023 23:39:20 GMT
server
AmazonS3
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"0fbbc67579553b6fb9cd047148555b85"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
44130
x-amz-cf-id
I8j7pnTiSA3bBNlBWl7V-aUgFVUKSeBm-z0w9bz0qPfV6VDHihtfJg==
d5add7ba-5761a5c5fdbe3954.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
10 KB
2 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/d5add7ba-5761a5c5fdbe3954.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e7ca5832e619db39923a0e814547a8fc802c7ec694ee3c96a200760f1e26c5e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
WxGmoEXzSqC16GTHy.8RL7e0o6NFF9_g
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 07:46:00 GMT
last-modified
Fri, 06 Oct 2023 22:52:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
37869
x-amz-server-side-encryption
AES256
etag
W/"7a0f40fe86856e77f9a6e4446111f923"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
3ZxHVo0buUO2faSWiLCR8TnVu8VBq1dE1pORiwF_BqcwRqTxrrB2RA==
5f001841-b09145d55ab402ea.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
11 KB
2 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/5f001841-b09145d55ab402ea.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85470d9f03454c9942e07b01e8fcf9a911e1de4ece36a8c55e1b427ed98822a2

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
3LoC39dUCSZzpWMx8rv3pnkMid0tGz5m
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 09:43:35 GMT
last-modified
Fri, 06 Oct 2023 22:52:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
32271
x-amz-server-side-encryption
AES256
etag
W/"47fb122a16f57c00a4c9a6de21105307"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
65HbYFULZ1KKqICVH6GgJd3HAjpYIgtf2XbDhQc-YVbN1nvmIhl-PQ==
3359-d58bd85e0f36362e.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
11 KB
4 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/3359-d58bd85e0f36362e.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50fd00dd43f5499a811b8198638baeabc5bbd7760c3673f09374930c3fe258ce

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
j_6XVyfD.IMkR.DgTHoc3J92.7gNYPJe
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 09:43:35 GMT
last-modified
Fri, 06 Oct 2023 22:52:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
21959
x-amz-server-side-encryption
AES256
etag
W/"a6299fcbedd3cbc70be929af1d51c888"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
5r1Q9wMatIec0WtqUGZ4-4nC-IibWc4imrOFGNUWv9IjybEhPxEO8A==
2017-a82e39786fc585e7.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
29 KB
9 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/2017-a82e39786fc585e7.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60c0a36de347e1c4343a7cd87951674dd4a706f93bdba4dd41aa9687ad52cc2e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
hx4he3vNHuEz94cNa.0Qi20cszD4LdSX
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 07:47:22 GMT
last-modified
Fri, 06 Oct 2023 22:52:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
15185
x-amz-server-side-encryption
AES256
etag
W/"3d40e93ce00616e424925572d8bc1d0a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
v3pNRpsR6byaIskCnjkNUVe2bbT8WkeD7YbkR6_fPt6RCuwpFY0G8A==
8902-44ab25ae6bf8e239.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
39 KB
14 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/8902-44ab25ae6bf8e239.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2646a598b5fd78c69866c2e1025ba57cb1115cf5df7ed6a06fa270877dd0ab4

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
E7jYQ5PnQtNgo7mDdBemYJNdglkU8Ygo
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 07:46:02 GMT
last-modified
Fri, 06 Oct 2023 22:52:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
24437
x-amz-server-side-encryption
AES256
etag
W/"fe4adc95b16c4d2e36958c8a1fb5268e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ws6mysbm2SeFxkvTrxAxViJ1p-TftS4EdZFdDo2VsRcRpWEz1VDVfw==
7242-1d0fa493bd0db981.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
11 KB
4 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/7242-1d0fa493bd0db981.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f91051c6387dc5a5c2f7b666d8ec34f4309faf1963fe876ebf2e363ab1db9e1

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
GFb2V9HoQhdtsgqFoIyIymGQfrMD2MJl
content-encoding
br
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 10:22:44 GMT
last-modified
Fri, 06 Oct 2023 22:52:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
5861
x-amz-server-side-encryption
AES256
etag
W/"b9020994019b63743c6898c05d0ea4f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Fx8J6pbKOxEAdM3Oa3nZnf9NQ8k9P34-JiZYi06Fudr49Wv8Om-wnA==
7808-f430fc27147156ce.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
29 KB
10 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/7808-f430fc27147156ce.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a95afbe0ea1be4281b39b10ec3b7e6a2b5895a5b6c9e74d9038dcede3d2b0003

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
fSwrLEV84ZY9WVwLOEnFK9_WpbGaJgxq
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 10:59:19 GMT
last-modified
Fri, 06 Oct 2023 22:52:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
17899
x-amz-server-side-encryption
AES256
etag
W/"d1f01604a5317de9bdbae4ed9cc43030"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
HfvNN2v4LB_wTTKeWw86IjAgu_Xnd0-HMZCbOtoNAPAArGoFe5s5xQ==
2932-7ea8f66c51d732cc.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
9 KB
4 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/2932-7ea8f66c51d732cc.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9d02ba67a936af55ff2676e5fe0032f64816991a66c32acf077859032f226ff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
chjMAsHaVyyvko5e7gYQxtQmgWoq3v5V
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 06:28:02 GMT
last-modified
Fri, 06 Oct 2023 22:52:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
19963
x-amz-server-side-encryption
AES256
etag
W/"0db71c86255f26cd4d47a195768958fd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
A_3kBsi4yc7MVHpdxHZ4wJNe4VTa19q9DCPQmdFdRBgiHOkUHKovRw==
4751-8dc64c839d08b87d.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
27 KB
8 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/4751-8dc64c839d08b87d.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20b403934e22730e003f73c47f85f7edd2fe60a440be4cdb63db851a332a3fac

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
7E8.Uyp5VWWL9hXmf6Gh2262duy1tHuc
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 07:46:02 GMT
last-modified
Fri, 06 Oct 2023 22:52:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
37869
x-amz-server-side-encryption
AES256
etag
W/"2ae0700796d735b3ad2f19674503f41f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
2IDbGM6nfrO1oLgTrx0IxU1AbS76x13_-PN5i9b3g3odotD7ei2xSA==
1206-a281a2e27c174947.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
25 KB
6 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/1206-a281a2e27c174947.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66541afffbaac31c9f3a895b358478459a72e9b44b9ca50b7b9e959130b495e0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
XSHECjxSjgiW7Xo.M0g0l2tqUHArSIIh
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 10:17:33 GMT
last-modified
Fri, 06 Oct 2023 22:52:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
20407
x-amz-server-side-encryption
AES256
etag
W/"d9182bf69f8081384cd141a877ff3435"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
DagYduubEakuIs2yOi-C_ngu2ihTZThZhKnGuaPFGWp97R6AP0T9Qw==
5972-f218c925874c07ba.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
31 KB
8 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/5972-f218c925874c07ba.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0b0f4043d98c8820799cf002342c7ed43eba3760b5b93dcf33dd060f9724909

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
OF1MfG8bchjuhEJHR_9E4L57j5MPp0fh
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 07:57:36 GMT
last-modified
Fri, 06 Oct 2023 22:52:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
19958
x-amz-server-side-encryption
AES256
etag
W/"0b1689c51d6c3f7e85facaa5d1ada7ed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
0S_rJnkKJ3mqxPIamtrjdOvmTQdAdu0qyTvinnB7mPCHk7xU9Ta_dA==
1604-64e427e55a5d6afb.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
811 KB
278 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/1604-64e427e55a5d6afb.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb1573eac2acb3cecb3f3b3880b433c61d441258647841cb88d7801905b2bd04

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
NpXjVvoYr1hkRUb7.Jjx2LXnjGJMiCJo
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 10:59:19 GMT
last-modified
Fri, 06 Oct 2023 22:52:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
24437
x-amz-server-side-encryption
AES256
etag
W/"1ee63b0e78ca8675e83b9d93fcc4e457"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TJt7W2uC9WMz3uWSk0HnJjpKhcr6NQGj5qvJ1EoCSJBN3_Q29VzDKw==
599-287efcecca878817.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
29 KB
6 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/599-287efcecca878817.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85d5342b0ad8457c692ffbb284dd252d8553932e39d75771fabae58cdd614b63

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 23:44:42 GMT
x-amz-version-id
OF4vllhEXyLlTYor9O.478XWSlC0L8Pw
content-encoding
br
last-modified
Thu, 12 Oct 2023 23:42:28 GMT
server
AmazonS3
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"a99066c4a9bae6e4544da359cb56faf2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
44143
x-amz-cf-id
8rAAIR335ZUtkQtVlmLnrHzNV8efiSGPGCdClKeSLj9MxmNmUDTovg==
2097-c2ce73c640aad27c.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
20 KB
7 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/2097-c2ce73c640aad27c.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0b3112a8022a1d3df70e98c40b3926dea9f528073250aa584527ab6427e5d71

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 23:43:51 GMT
x-amz-version-id
WXOgYgnH7GAFgxzdkf0EyhwKad.hJsI6
content-encoding
br
last-modified
Thu, 12 Oct 2023 23:39:18 GMT
server
AmazonS3
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"066ae88c23578ba31d6049988770108f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
44194
x-amz-cf-id
vEuJKn8UnQ1helPH3u21EtuA02ztmnzdBBYxINYfP1OIPdJHFeYcrA==
4599-51ce2150a7f58834.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
28 KB
11 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/4599-51ce2150a7f58834.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
352b7bf6d48a2943a7967ae3f4f40ba3c024c7c67bd3c46afe6d182fa065fa6e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 23:44:42 GMT
x-amz-version-id
TOH37fmzAQNpBsi8zdKPG7YJ3LXRvqpT
content-encoding
br
last-modified
Thu, 12 Oct 2023 23:42:28 GMT
server
AmazonS3
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"afa034d20a84c9cff57580a8fcbe8720"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
44143
x-amz-cf-id
QE2eCUWwAtlGRkkVv-vFSK6e3GDZaQMr7Qyn1gjEjOPqW8wFm3FlSQ==
8305-b159d59917e2c97f.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
13 KB
5 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/8305-b159d59917e2c97f.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9561cebb87f7458fd7ae37a964e1041518f954ae00634ff8726234381f35c6d4

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 23:44:42 GMT
x-amz-version-id
df8USC9vdeb7ypfXjE4DfhCqgjZOqvFF
content-encoding
br
last-modified
Thu, 12 Oct 2023 23:39:19 GMT
server
AmazonS3
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"106e2b63f418c0bbb130b22e480761ce"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
44143
x-amz-cf-id
FuxRQI9pg4LGKQMEaE3mtn6O81w6phYJmJtIhzhy8HFr4RJRwC2N6A==
1284-b4bef36a0cb9ff00.js
assets.withpaper.com/_next/static/chunks/ Frame 7005
30 KB
10 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/1284-b4bef36a0cb9ff00.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63d0c3c13aaa0c2c574d76cb18ce07ad07371fdc97afa0db274913563b9efb99

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
2KTw3AkaCjgdPbR8X3Lw7vdk9I3vXpoM
content-encoding
br
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Thu, 12 Oct 2023 21:16:59 GMT
last-modified
Wed, 11 Oct 2023 21:15:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
53014
x-amz-server-side-encryption
AES256
etag
W/"94547e83223579235233dc28bcaa7e85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
GXiSJpUHFQX1kMC7nopZojFN7GoaF9ghVU6VIXfuFNasCB8jFfQ1Og==
embedded-wallet-39fc5ce8ddf3a72c.js
assets.withpaper.com/_next/static/chunks/pages/sdk/2022-08-12/ Frame 7005
16 KB
5 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/chunks/pages/sdk/2022-08-12/embedded-wallet-39fc5ce8ddf3a72c.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07c808f6ed4ef12919a90f72d027f009ade96f91656ddd00fab8ddd511517f92

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 23:44:04 GMT
x-amz-version-id
wjlRJRGgT.Jy5VwHNtOZzG_1_w7JrgeE
content-encoding
br
last-modified
Thu, 12 Oct 2023 23:39:21 GMT
server
AmazonS3
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"93504a4bc174dd727a0724cc53e69902"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
44180
x-amz-cf-id
0N53FxTwgpBYQ7FVaMl0DQyQ2EFTSpN6W29FtldieXizeS1NRO3BHw==
_buildManifest.js
assets.withpaper.com/_next/static/88sqeMWnRsqJ80htgNqvH/ Frame 7005
17 KB
5 KB
Script
General
Full URL
https://assets.withpaper.com/_next/static/88sqeMWnRsqJ80htgNqvH/_buildManifest.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a8a66c02fb0af7a1b4d964c3a9f4d40e41754b26edb47bf14fc62a84e115752

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 23:44:42 GMT
x-amz-version-id
CCO3zUaLvGnngPL3AlcH9v1XGVHZn1il
content-encoding
br
last-modified
Thu, 12 Oct 2023 23:39:17 GMT
server
AmazonS3
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"520afc97e41bc2bed8b71093aa08b7e2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
44143
x-amz-cf-id
llvgpl0zTghH4Xx0RblYzkvdL5wzJTUEx0xOz2XSFBD1C-ulWUFU2g==
_ssgManifest.js
assets.withpaper.com/_next/static/88sqeMWnRsqJ80htgNqvH/ Frame 7005
77 B
470 B
Script
General
Full URL
https://assets.withpaper.com/_next/static/88sqeMWnRsqJ80htgNqvH/_ssgManifest.js
Requested by
Host: withpaper.com
URL: https://withpaper.com/sdk/2022-08-12/embedded-wallet?clientId=45164548-8c51-4bed-a76f-9dd73e8fc7ab&sdkVersion=0.0.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 23:44:42 GMT
x-amz-version-id
jP491pSZjwSo0JiEbjzqeCaF_MHFTm0B
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 23:39:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
44143
etag
"b6652df95db52feb4daf4eca35380933"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
77
x-amz-cf-id
uryU8M3Da3CHL44Dqoeb8kUqg4wsUMbTiYZHISvn7SF5cg7y_7I2ZA==
/
pg.paper.xyz/e/ Frame 7005
13 B
496 B
XHR
General
Full URL
https://pg.paper.xyz/e/?ip=1&_=1697198425196&ver=1.57.2
Requested by
Host: assets.withpaper.com
URL: https://assets.withpaper.com/_next/static/chunks/pages/_app-9c2def39f8776589.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-44.fra60.r.cloudfront.net
Software
/
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://withpaper.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 13 Oct 2023 12:00:25 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront), 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
referrer-policy
same-origin
x-amz-cf-pop
FRA56-P5, FRA60-P2
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://withpaper.com
x-cache
Miss from cloudfront
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type
x-amz-cf-id
XoZDE1ONDvL3yVzF5trcFYmtrDM8OqxB0u2ip-z4Lo9aU2HxmKktkA==
/
pg.paper.xyz/decide/ Frame 7005
406 B
890 B
XHR
General
Full URL
https://pg.paper.xyz/decide/?v=3&ip=1&_=1697198425197&ver=1.57.2
Requested by
Host: assets.withpaper.com
URL: https://assets.withpaper.com/_next/static/chunks/pages/_app-9c2def39f8776589.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-44.fra60.r.cloudfront.net
Software
/
Resource Hash
ce56fc49613280d9c2e95b2917ba846152a054cb152c5e92cb54aace37df3c36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://withpaper.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 13 Oct 2023 12:00:25 GMT
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront), 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
referrer-policy
same-origin
x-amz-cf-pop
FRA56-P5, FRA60-P2
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://withpaper.com
x-cache
Miss from cloudfront
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type
x-amz-cf-id
s0QmMxrJMhSSULaJ_gBhjUoYZxGAsFEqB1Yked4VlvGN_SeSlzJ3Ag==
js
www.googletagmanager.com/gtag/ Frame 7005
208 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11020129968
Requested by
Host: assets.withpaper.com
URL: https://assets.withpaper.com/_next/static/chunks/main-08803d0ae70a27a3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a4b1eecebb71a3c06f6b4959c3c1961f7f4351e715034315d404bdff7eaf729d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76030
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Oct 2023 12:00:25 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11020129968/ Frame 7005
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11020129968/?random=1697198425586&cv=11&fst=1697198425586&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwithpaper.com%2Fsdk%2F2022-08-12%2Fembedded-wallet%3FclientId%3D45164548-8c51-4bed-a76f-9dd73e8fc7ab%26sdkVersion%3D0.0.25&ref=https%3A%2F%2Fdecrypt.co%2F&hn=www.googleadservices.com&frm=2&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11020129968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e9204e077b3d5430569501ab49f811f2938f2e3b08e18983cae847a1e6ebb94e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1384
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/
63 B
418 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=l562ycb&fmt=json
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.24.0/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
dda7d818d924dec97d16be3eefd3869145dfa2db4a870842994041c108cc73ec

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 Oct 2023 12:00:25 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://decrypt.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 12 Nov 2023 12:00:25 GMT
sync
eb2.3lift.com/ Frame 7E48
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: delivery.pubgenius.io
URL: https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://decrypt.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 13 Oct 2023 12:00:25 GMT
usync.html
eus.rubiconproject.com/ Frame C6A9
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: delivery.pubgenius.io
URL: https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://decrypt.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 Oct 2023 12:00:25 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 68E2
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: delivery.pubgenius.io
URL: https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-211.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://decrypt.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 13 Oct 2023 12:00:25 GMT
ETag
"623de86a-cf34"
Expires
Sat, 14 Oct 2023 12:00:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
pd
u.openx.net/w/1.0/ Frame 0F41
0
91 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: delivery.pubgenius.io
URL: https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://decrypt.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 13 Oct 2023 12:00:25 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4EF0
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Requested by
Host: delivery.pubgenius.io
URL: https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://decrypt.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=61614
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 13 Oct 2023 12:00:25 GMT
expires
Sat, 14 Oct 2023 05:07:19 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 64AD
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: delivery.pubgenius.io
URL: https://delivery.pubgenius.io/decrypt.-kkbxZKGT/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://decrypt.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

age
310
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81576c109bf709a4-ARN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 Oct 2023 12:00:25 GMT
expires
Fri, 13 Oct 2023 16:00:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 4EF0
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80428341&p=160486&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
481192fe255cb7de3f6430a096d885c9e1830d4505fabb0485802bc27db1d550

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 13 Oct 2023 12:00:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
www.google.com/pagead/1p-user-list/11020129968/ Frame 7005
42 B
154 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11020129968/?random=1697198425586&cv=11&fst=1697198400000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwithpaper.com%2Fsdk%2F2022-08-12%2Fembedded-wallet%3FclientId%3D45164548-8c51-4bed-a76f-9dd73e8fc7ab%26sdkVersion%3D0.0.25&ref=https%3A%2F%2Fdecrypt.co%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=379594759&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.se/pagead/1p-user-list/11020129968/ Frame 7005
42 B
154 B
Image
General
Full URL
https://www.google.se/pagead/1p-user-list/11020129968/?random=1697198425586&cv=11&fst=1697198400000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwithpaper.com%2Fsdk%2F2022-08-12%2Fembedded-wallet%3FclientId%3D45164548-8c51-4bed-a76f-9dd73e8fc7ab%26sdkVersion%3D0.0.25&ref=https%3A%2F%2Fdecrypt.co%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=379594759&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://withpaper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame C6A9
38 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
37653053d6382819c4b7b32fa831a99cefe28dc29abdadc27e811d1f659bf828

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 12:00:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2023 03:20:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55252
Connection
keep-alive
Content-Length
10836
Expires
Sat, 14 Oct 2023 03:21:17 GMT
bounce
ib.adnxs.com/ Frame 68E2
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
648 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:26 GMT
an-x-request-uuid
9e45f284-0162-4ac9-aeb9-e6b597f3da7c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.147.213.98; 185.147.213.98; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:25 GMT
an-x-request-uuid
c29043c5-6a49-473e-a4ea-eaf3e1205ea1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
185.147.213.98; 185.147.213.98; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 53DB
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 12:00:25 GMT
expires
Fri, 13 Oct 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
174546
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 928F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FF46CC5-2849-4B54-A063-7DDF546864C8&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FF46CC5-2849-4B54-A063-7DDF546864C8&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FF46CC5-2849-4B54-A063-7DDF546864C8&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 13 Oct 2023 12:00:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
894MAV673F79Y84S1SB0

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 13 Oct 2023 12:00:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FF46CC5-2849-4B54-A063-7DDF546864C8&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZE8E7NGVWHQWX4NDC8TX
Pug
image2.pubmatic.com/AdServer/ Frame 1D87
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=W1aGdF5SgSxAUtAuC1WZeVlX1XtAUIV9D1Opf0LH
42 B
338 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=W1aGdF5SgSxAUtAuC1WZeVlX1XtAUIV9D1Opf0LH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 13 Oct 2023 12:00:26 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=W1aGdF5SgSxAUtAuC1WZeVlX1XtAUIV9D1Opf0LH
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 1E75
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8666875426438322128&gdpr=0&gdpr_consent=
42 B
315 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8666875426438322128&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
0935a874-8661-4bb9-8b80-1789328b0ec7
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 12:00:26 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8666875426438322128&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
185.147.213.98; 185.147.213.98; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame F77D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289411734496475282&gdpr=0&gdpr_consent=
42 B
219 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289411734496475282&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Fri, 13 Oct 2023 12:00:26 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289411734496475282&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 7B63
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=7842eb82-e9ab-4681-8652-32e64adf275b&ssp=pubmatic
43 B
145 B
Document
General
Full URL
https://x.bidswitch.net/sync?dsp_id=59&user_id=7842eb82-e9ab-4681-8652-32e64adf275b&ssp=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.230.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-230-6.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 13 Oct 2023 12:00:26 GMT

Redirect headers

Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Oct 2023 12:00:26 GMT
Location
//x.bidswitch.net/sync?dsp_id=59&user_id=7842eb82-e9ab-4681-8652-32e64adf275b&ssp=pubmatic
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pug
simage2.pubmatic.com/AdServer/ Frame 2F82
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_BPeNFlTWuJVffKm6m_t0LmT1WI&gdpr=0&gdpr_consent=
42 B
377 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_BPeNFlTWuJVffKm6m_t0LmT1WI&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Oct 2023 12:00:26 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_BPeNFlTWuJVffKm6m_t0LmT1WI&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 5439
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
264 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 11:38:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Oct 2023 12:00:26 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 8012
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSkxWgAXj8xcKQAb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 13 Oct 2023 12:00:26 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bma1645-BMA
x-timer
S1697198426.214152,VS0,VE91

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 13 Oct 2023 12:00:26 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSkxWgAXj8xcKQAb
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bma1645-BMA
x-timer
S1697198426.089339,VS0,VE93
Pug
image2.pubmatic.com/AdServer/ Frame AD68
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCX0JFN0tVbU1BQUJqNUZHNk5Gdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAB_BE7KUmMAABj5FG6NFw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAB_BE7KUmMAABj5FG6NFw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAB_BE7KUmMAABj5FG6NFw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3732027440556077069&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB_BE7KUmMAABj5FG6NFw&gdpr=0&gdpr_consent=
42 B
279 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB_BE7KUmMAABj5FG6NFw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 13 Oct 2023 12:00:26 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB_BE7KUmMAABj5FG6NFw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame A7E6
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
225 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 12:00:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 13 Oct 2023 12:00:26 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame A4BB
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa24d3d62ca744d7d8fe92bc6460ff9d7
42 B
279 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa24d3d62ca744d7d8fe92bc6460ff9d7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 12:00:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa24d3d62ca744d7d8fe92bc6460ff9d7
pragma
no-cache
server
nginx
bridge
cm.adgrx.com/ Frame B38F
43 B
282 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Fri, 13 Oct 2023 12:00:26 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-1
Pug
image2.pubmatic.com/AdServer/ Frame B3D3
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5381338182345799000
42 B
424 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5381338182345799000
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5381338182345799000
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 0779
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528210542470
42 B
273 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528210542470
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 13 Oct 2023 12:00:26 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528210542470
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cm
ipac.ctnsnet.com/int/ Frame 9EB0
43 B
368 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 13 Oct 2023 12:00:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pubmatic
ad.mrtnsvr.com/sync/ Frame E387
0
0

cookiesync
core.iprom.net/ Frame C812
43 B
277 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 13 Oct 2023 12:00:26 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-c4ae79d14255@version_1.573
X-core-time
1ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 3692
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9fe1de61d8d31fc2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRMnbQnUbQSQYbMjX&gdpr=0&gdpr_consent=
42 B
201 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRMnbQnUbQSQYbMjX&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRMnbQnUbQSQYbMjX&gdpr=0&gdpr_consent=
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4EF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f_RsxShJS1SgY33fVGhkyA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:26 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=61613
accept-ranges
bytes
content-length
5606
expires
Sat, 14 Oct 2023 05:07:19 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 4EF0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7FF46CC5-2849-4B54-A063-7DDF546864C8&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.1.6
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame 4EF0
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2655332648
0
45 B
Image
General
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2655332648
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:25 GMT
via
1.1 google
last-modified
Fri, 13 Oct 2023 12:00:26 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:25 GMT
via
1.1 google
last-modified
Fri, 13 Oct 2023 12:00:26 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2655332648
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 4EF0
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7FF46CC5-2849-4B54-A063-7DDF546864C8
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWdoMjFkazhBSnBRRHVwYVFQdUlNeGY3QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=2382276836758500377&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.202.131.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-131-94.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 12:00:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 13 Oct 2023 12:00:26 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 4EF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0ZGNDZDQzUtMjg0OS00QjU0LUEwNjMtN0RERjU0Njg2NEM4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4EF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMfW7HSMWVSIbSPB3z_IIig&google_cver=1
42 B
269 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMfW7HSMWVSIbSPB3z_IIig&google_cver=1
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMfW7HSMWVSIbSPB3z_IIig&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 4EF0
43 B
608 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 12 Oct 2023 12:00:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4EF0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2382276836758500377
42 B
322 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2382276836758500377
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2382276836758500377
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 4EF0
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
7FF46CC5-2849-4B54-A063-7DDF546864C8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4EF0
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7FF46CC5-2849-4B54-A063-7DDF546864C8?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.73.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-73-229.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 4EF0
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7FF46CC5-2849-4B54-A063-7DDF546864C8&redir=true&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4EF0
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 13 Oct 2023 12:00:25 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4EF0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2983877857478686381&gdpr=0&gdpr_consent=&us_privacy=
1 B
201 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2983877857478686381&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 12:00:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2983877857478686381&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 13 Oct 2023 12:00:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 4EF0
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7FF46CC5-2849-4B54-A063-7DDF546864C8&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams02-nessy-float2.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:26 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4EF0
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:916af8da-8d25-47fc-b4b0-ba0a858ac26b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:916af8da-8d25-47fc-b4b0-ba0a858ac26b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 12:00:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:916af8da-8d25-47fc-b4b0-ba0a858ac26b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 13 Oct 2023 12:00:26 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
khaos.json
token.rubiconproject.com/ Frame C6A9
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-S6XJW9326S&gtm=45je3ab0&_p=930989033&cid=576803033.1697198422&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1697198422&sct=1&seg=0&dl=https%3A%2F%2Fdecrypt.co%2F119861%2Ffbi-north-korea-lazarus-horizon-harmony-bridge-hack&dt=FBI%20Confirms%20North%20Korea%20Behind%20%24100%20Million%20Harmony%20Hack%20-%20Decrypt&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S6XJW9326S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://decrypt.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 12:00:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://decrypt.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 4EF0
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160486&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:00:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
exchange.alkimi-onboarding.com
URL
https://exchange.alkimi-onboarding.com/bid?prebid=true
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 function| admiral object| googletag object| pubg object| dataLayer object| NREUM object| webpackChunk:NRBA-1.244.0.PROD object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError function| _rollbarURH object| Rollbar function| rollbar function| 4dm1r11545242527 number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized object| pubg_NOT_DEPLOYED__a58870f8 object| pbgs object| _pbjsGlobals object| apstag object| confiant function| initAdUnit function| insertAd object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| setImmediate function| clearImmediate function| __NEXT_PRELOADREADY object| FontAwesomeConfig object| ___FONT_AWESOME___ object| _ethers object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag function| fbq function| _fbq object| _cio function| twq object| _aps boolean| apstagLOADED object| apscustom object| ggeac object| google_js_reporting_queue function| OneSignal object| gaplugins object| gaGlobal object| gaData object| Criteo object| __bt_tag_d object| __bt_intrnl object| __bt object| __bt_tag_am object| regeneratorRuntime object| twttr function| onYouTubeIframeAPIReady object| google_optimize object| _sf_async_config object| _cbq function| mminit function| mmload number| __oneSignalSdkLoadCount function| __jp0 undefined| google_measure_js_timing boolean| __bt_already_invoked object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OWUyM2NkMGQyNjQ4ZWY0MGxvYWRlcl9qcw== string| OWUyM2NkMGQyNjQ4ZWY0MGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_132 object| Criteo_prebid_132 object| __twttrll object| __twttr function| Buffer object| global object| process

86 Cookies

Domain/Path Name / Value
decrypt.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
spindl.link/ Name: spdl
Value: spdl.1.1697198421690.xcZzou50rVEaAXSG
.onesignal.com/ Name: __cf_bm
Value: nj5kaEEbQh.mUlWfRxAz5VoXC2.d3HaFnzXpgn1VYC0-1697198421-0-AQJP28zMenr9ts+RDLpwVeKcVNmRnDuO34yNxbK3nyGDnFXb/hfdR/vFtFYln9ejCBGtorlSvblObBGurPoGFa0=
.decrypt.co/ Name: _gid
Value: GA1.2.1639726528.1697198422
.decrypt.co/ Name: _gat_UA-123175458-1
Value: 1
.decrypt.co/ Name: _gat
Value: 1
.decrypt.co/ Name: _ga
Value: GA1.1.576803033.1697198422
decrypt.co/ Name: GDPR_Settings
Value: %7B%22doNotTrack%22%3Atrue%7D
.prebid.a-mo.net/ Name: __amc
Value: 1_1697198422_1697198422
.rubiconproject.com/ Name: khaos
Value: LNOK4BYH-11-J8AB
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqfA22eUT8lqB5QplbP53MwcsmEHqbaYFbkdc6vv5vuEdVgijzmwqkCSBx2P3in8zMJDVP2TH1kcyKPLRELhl3xIo8tEQuGXfGma+WVcS1g3g==
.decrypt.co/ Name: _fbp
Value: fb.1.1697198422457.1874979543
.t.co/ Name: muc_ads
Value: da6f87ec-c1d3-49e7-a0bb-723f1878f1a2
.decrypt.co/ Name: _cb
Value: Ncq7sDelZjeBiQnaD
.decrypt.co/ Name: _chartbeat2
Value: .1697198422543.1697198422543.1.PA9mTGy_S0-DL4iB6xBlrDkkjPx.1
.decrypt.co/ Name: _cb_svref
Value: null
.twitter.com/ Name: guest_id_marketing
Value: v1%3A169719842242922021
.twitter.com/ Name: guest_id_ads
Value: v1%3A169719842242922021
.twitter.com/ Name: personalization_id
Value: "v1_DV2Ldd2pWyrTvcorfZsiIQ=="
.twitter.com/ Name: guest_id
Value: v1%3A169719842242922021
.decrypt.co/ Name: _awl
Value: 2.1697198422.5-aafbf594bc981e109e2666459246cccf-6763652d6575726f70652d7765737431-0
.decrypt.co/ Name: _ga_S6XJW9326S
Value: GS1.1.1697198422.1.0.1697198423.59.0.0
.dispatch.co/ Name: __cf_bm
Value: jcRhXlBGrVK5l4v57aB1qyYkBphq8dsrcem76e2bXYo-1697198423-0-AYVK8nKEhp/tc+ugOtERqTbCXwM4htMxo7JnyyBfBrcPfFw2rA4PBeQc//yWK9OX8+PDd5MwdBg4nDulBlyMLYk=
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: uuid2
Value: 8666875426438322128
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7FF46CC5-2849-4B54-A063-7DDF546864C8
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160486:2
.pubmatic.com/ Name: DPSync3
Value: 1698364800%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1698364800%3A13_233_214_220_55_88_21_251_71_166_54_22_249_196_161_234_264_238_3_8_165_46_81_56%7C1697760000%3A223_15_2%7C1699747200%3A203%7C1698019200%3A63%7C1698451200%3A35
.de17a.com/ Name: guid
Value: 1.5381338182345799000
.adfarm1.adition.com/ Name: UserID1
Value: 7289411734496475282
.weborama.fr/ Name: AFFICHE_W
Value: 5q0INjJPoQzm86
.ctnsnet.com/ Name: cid_fa0a73c5130f4b4cb486cdb00ec9af5d
Value: 1
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EPwBCwGWKvijAA
.quantserve.com/ Name: mc
Value: 6529315a-1dcf6-444a6-310b0
.simpli.fi/ Name: suid
Value: F9D8329A55C64429B22D18D471183290
.csync.loopme.me/ Name: viewer_token
Value: 7e9f7d85-a020-4d31-bc6a-87b6482ed4f0
.adform.net/ Name: uid
Value: 2382276836758500377
.doubleclick.net/ Name: IDE
Value: AHWqTUkyts_FUv06IuKYuErNOAunlN7ERDTjxDLfDv9QFPcmuOVjqkwYW3l10v2q7HM
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZSkxWgAXj8xcKQAb
.adx.opera.com/ Name: UID
Value: OPUa24d3d62ca744d7d8fe92bc6460ff9d7
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8666875426438322128&KRTB&23339-8666875426438322128
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7289411734496475282&KRTB&23369-7289411734496475282
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmluaGlhYmQGJAFV4i2aEAAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1sjAyNDA1MTIxNxDiM9T1cDcpD8zOCzMKK08FAF4XNIUlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1sjAyNDA1MTIxNxDiM9T1cDcpD8zOCzMKK08FAF4XNIUlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2382276836758500377&KRTB&23263-2382276836758500377&KRTB&23481-2382276836758500377
.bidswitch.net/ Name: tuuid
Value: d62be6ea-d426-4cd7-b411-fd3c1cd0c02f
.bidswitch.net/ Name: c
Value: 1697198426
.bidswitch.net/ Name: tuuid_lu
Value: 1697198426
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5381338182345799000
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5133329528210542470
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUa24d3d62ca744d7d8fe92bc6460ff9d7&KRTB&23485-OPUa24d3d62ca744d7d8fe92bc6460ff9d7&KRTB&23524-OPUa24d3d62ca744d7d8fe92bc6460ff9d7
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-W1aGdF5SgSxAUtAuC1WZeVlX1XtAUIV9D1Opf0LH&KRTB&19420-W1aGdF5SgSxAUtAuC1WZeVlX1XtAUIV9D1Opf0LH&KRTB&22979-W1aGdF5SgSxAUtAuC1WZeVlX1XtAUIV9D1Opf0LH&KRTB&23403-W1aGdF5SgSxAUtAuC1WZeVlX1XtAUIV9D1Opf0LH
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMfW7HSMWVSIbSPB3z_IIig&KRTB&23025-CAESEMfW7HSMWVSIbSPB3z_IIig&KRTB&23386-CAESEMfW7HSMWVSIbSPB3z_IIig
.bidr.io/ Name: bito
Value: AAB_BE7KUmMAABj5FG6NFw
.bidr.io/ Name: bitoIsSecure
Value: ok
.turn.com/ Name: uid
Value: 2983877857478686381
.onaudience.com/ Name: cookie
Value: 9fe1de61d8d31fc2
.onaudience.com/ Name: done_redirects104
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 916af8da-8d25-47fc-b4b0-ba0a858ac26b.466412426
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2983877857478686381&KRTB&23150-2983877857478686381&KRTB&23527-2983877857478686381
.amazon-adsystem.com/ Name: ad-id
Value: A8wZlsaCokzAu5Ip3NGYyYc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fc13de34-5953-5ae2-557d-f2a6ea6fedd0.1M68o8clTP3m4zNpH7Y5B0y5%2BPFxAkk2gYMLrKI%2Fx4U
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fc13de34-5953-5ae2-557d-f2a6ea6fedd0.1M68o8clTP3m4zNpH7Y5B0y5%2BPFxAkk2gYMLrKI%2Fx4U
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A_BPeNFlTWuJVffKm6m_t0LmT1WI.sF1pjpFr2DUyJoORm3VOj0TQzPj8FB2u4MdAqJXT9lk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A_BPeNFlTWuJVffKm6m_t0LmT1WI.sF1pjpFr2DUyJoORm3VOj0TQzPj8FB2u4MdAqJXT9lk
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIOt5b9G6I59YMhmACp3EHJUVQo7z1fh9PIeGHA-i-KuIEHwYBCDa4qSpBjABOgTwLrJgQgTHGomZ.%2BKFyngqglL1D%2FFuevj97s9SD4%2BmTcbf2fzjb7GpaMlI
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIOt5b9G6I59YMhmACp3EHJUVQo7z1fh9PIeGHA-i-KuIEHwYBCDa4qSpBjABOgTwLrJgQgTHGomZ.%2BKFyngqglL1D%2FFuevj97s9SD4%2BmTcbf2fzjb7GpaMlI
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-tk2EoAPtRMnbQnUbQSQYbMjX
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-_BPeNFlTWuJVffKm6m_t0LmT1WI&KRTB&23334-_BPeNFlTWuJVffKm6m_t0LmT1WI&KRTB&23417-_BPeNFlTWuJVffKm6m_t0LmT1WI&KRTB&23426-_BPeNFlTWuJVffKm6m_t0LmT1WI
.audrte.com/ Name: arcki2
Value: 9gh21dk8AJpQDupaQPuIMxf7A!20220908!1697198426507!ip#185.147.213.98
.audrte.com/ Name: arcki2_pubmatic
Value: 7FF46CC5-2849-4B54-A063-7DDF546864C8!20220908!1697198426510
ads.avct.cloud/ Name: uuid
Value: 7842eb82-e9ab-4681-8652-32e64adf275b
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f2141605d7b1c625
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
.audrte.com/ Name: arcki2_ddp2
Value: 9gh21dk8AJpQDupaQPuIMxf7A!20220908!1697198426727
.smartadserver.com/ Name: pid
Value: 3732027440556077069
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAB_BE7KUmMAABj5FG6NFw
.audrte.com/ Name: arcki2_adform
Value: 2382276836758500377!20220908!1697198426907
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAB_BE7KUmMAABj5FG6NFw
.pubmatic.com/ Name: PugT
Value: 1697198427

4 Console Messages

Source Level URL
Text
network error URL: https://api.rollbar.com/api/1/item/
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://api.rollbar.com/api/1/item/
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://api.decrypt.co/api/wallet/users/current-user
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7FF46CC5-2849-4B54-A063-7DDF546864C8&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.pubmatic.com
analytics.twitter.com
ap.lijit.com
api.btloader.com
api.decrypt.co
api.rollbar.com
api.widgets-data.moneymade.io
assets.customer.io
assets.moneymade.io
assets.withpaper.com
b1sync.zemanta.com
bam.nr-data.net
bh.contextweb.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cdn.confiant-integrations.net
cdn.decrypt.co
cdn.onesignal.com
cdn.rollbar.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d5p.de17a.com
decrypt.co
delivery.pubgenius.io
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
e.api.pubgenius.io
eb2.3lift.com
eus.rubiconproject.com
ev.moneymade.io
exchange.alkimi-onboarding.com
explorer-api.walletconnect.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gateway.decrypt.co
googleads.g.doubleclick.net
green.erne.co
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
img.decrypt.co
ipac.ctnsnet.com
js-agent.newrelic.com
js-sec.indexww.com
lh3.googleusercontent.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mediadojo-d.openx.net
o409492.ingest.sentry.io
onesignal.com
p.rfihub.com
p.typekit.net
pg.paper.xyz
ping.chartbeat.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
public.dispatch.co
pubmatic-match.dotomi.com
region1.analytics.google.com
rtb-csync.smartadserver.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spindl.link
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.cloudflareinsights.com
static.criteo.net
static.moneymade.io
stats.g.doubleclick.net
superficialspring.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.srv.stackadapt.com
syndication.twitter.com
t.adx.opera.com
t.co
tlx.3lift.com
token.rubiconproject.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-central1-benchmark-media.cloudfunctions.net
use.typekit.net
verify.walletconnect.com
w.mmin.io
web.hb.ad.cpe.dotomi.com
withpaper.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.se
www.googleoptimize.com
www.googletagmanager.com
x.bidswitch.net
ad.mrtnsvr.com
exchange.alkimi-onboarding.com
104.16.57.101
104.18.214.59
104.18.24.18
104.18.27.193
104.18.27.46
104.18.28.245
104.18.43.90
104.244.42.200
104.244.42.3
104.244.42.5
104.26.3.128
104.26.4.122
104.26.4.69
104.26.7.139
104.26.8.216
108.138.7.119
108.138.9.235
13.32.99.52
13.35.255.75
130.211.23.194
134.122.57.34
141.94.161.190
141.94.171.213
142.250.184.193
142.250.184.195
142.250.184.206
142.250.185.162
142.250.185.226
142.250.185.98
142.250.185.99
142.250.186.100
142.250.186.104
142.250.186.110
143.198.240.112
143.204.98.17
145.40.97.67
146.75.116.157
151.101.130.49
151.101.194.137
157.240.0.6
157.240.251.35
162.247.243.29
172.217.16.206
172.217.18.10
172.217.18.6
172.67.69.19
172.67.69.48
172.67.75.56
173.231.180.197
178.250.1.9
178.250.7.10
178.250.7.2
18.185.166.17
18.185.230.6
18.66.112.27
18.66.122.44
18.66.97.119
185.64.189.112
185.64.190.78
185.64.191.210
185.86.138.155
185.89.210.46
192.229.233.25
193.0.160.131
195.5.165.20
198.47.127.20
198.47.127.205
2.19.104.211
2.19.105.180
208.93.169.131
213.155.156.166
213.19.162.45
216.239.34.36
216.239.36.54
216.52.2.91
3.123.81.250
3.126.57.93
3.75.62.37
34.111.129.221
34.111.134.78
34.120.195.249
34.98.64.218
35.172.160.55
35.186.193.173
35.201.81.77
35.204.158.49
35.214.241.28
35.71.131.137
37.157.4.29
44.232.33.101
46.228.164.11
50.31.142.31
52.202.131.94
52.222.208.154
52.31.175.73
52.45.228.151
52.51.216.150
54.218.80.76
54.76.89.191
54.77.73.229
63.215.202.146
64.158.223.140
66.102.1.154
67.220.226.234
69.173.144.165
76.223.111.18
82.145.213.8
85.114.159.118
91.228.74.159
95.101.149.233
95.101.54.129
95.101.54.200
98.98.134.241
99.86.4.39
01429d783053260a7c96e19f510e3fdde003ed7bf3e8d5d0f34ea317ddf7a13f
03c1ae94700cc6d242f6471370b9299bd6ae9e251cb69a3d4e40aeb1e795abc9
03dde1b3710769c25b0c1df73c9e325fad06b6c8b4d5bdf4c3738a728d404d4c
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058b10ee66670fce739c8cabe03b3b9476c625db6b107725adfaa23a5fd0e1a0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c808f6ed4ef12919a90f72d027f009ade96f91656ddd00fab8ddd511517f92
08a07d5e6f83c7e43080b10b53a4715d4d9be481019f9978ccfddeec1da27ca6
08c2edc5a337a9567c3f3aaa1633d55cbcfb18a2e244f69426c4a408c24b56c0
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
0ecee46e8b9c255353e925702a4a8d296efcaf23bcde8332bf43ef50c6815976
11a824e4c63932ec7c2684c8c9554c84461efb5d731d15387d77bb5c3e78f9d5
1364d97985fe30ebcc891c7435e03e7e615895c63a94fe07d913072599cd23a1
14a6885848b1a372754e5e02da3c266d417c309fc767cd7b1a5614b02a934cf5
1503c25caa45c97ea04a1317228be52331739a397c0d574ded2426fa4d1e8596
151c139ddfb39c87522cac64c61826adcf234b451d8de1545d30685816eb7c70
1562ed280e5486999bfa41e9eddf46996b078b54e14fff9748b427c793bc6969
15980f132588c91083fd8600c1572f936a8df921bf3e63f0e97305b048a7b10d
1696fcbb575d662885a6f23d7ec2acedd2622ebe61731136e0e912a3ad7a0e37
185c731d9ab38637a8c39c4e8cfe579aa494905386a1c77f2268b0b473a2bbd9
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cdc722e78e734edcbbd6972f187f9e1b5a3fe7f0137ad3c0464c4c54248941
197589421fd20148662a37c088876fe53ca3930f5f62cedccba05b912da9327a
1a0012b5dcfe08919c97ab93c3874ad30e5827a0d6b21b3dab6d3efff9ddf902
1a8a66c02fb0af7a1b4d964c3a9f4d40e41754b26edb47bf14fc62a84e115752
1c045842455f98f786dbe3d7150e9e9751e918f86d686ced5ede8a85e8387630
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cde0f8766b5ab99fe8429bf0c338cb1884ebbaf971f4fa6f3d94979d0358c3a
1e074d00cc3c69b34863f5a2cc7fa291c84f6bd0900fc79bf983ce4f17dad94b
1e54a8faf23df54bd3f0a3b09089a638ea398a99f4923a7f224edc499fe2eff5
1ed9466c67ace83e6b064793dca7fa4623a271a35a08e7d8dc35fc73981314bc
2027835fd8ad2db231b8e32d013bfdee62991836da3e45b36c9436f8ab878edc
2041c24e7dc56491e651ffbdad24826c70f1b8e81e9aa10f7ebfc0128300f512
20b403934e22730e003f73c47f85f7edd2fe60a440be4cdb63db851a332a3fac
21740a7be0698666aa1644259ebeea93df405ee9e6a59e331e6dbd032b8b97f3
21e67844bd44af52119de8c22c866e82cbc0c8e38a3ed317efb1c418422b6d4a
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
25d2af365a881b381498b86fce905f4b80c513ac1f127ee481cdf5af9a24298a
291ce931d8d0a1fafa6cc9d7a723dd165acb6dfbac255e980818f4a42501f585
294d8ec4e12dcb71f62de0ddea4363ae35de57520cadc0e728d9d756d56525a7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad22bf8a40b708554b5a2fee3f7e18f29bc73bed208625058b97f62352d494f
2c1e314bd40a5d53a2e657710b9a41778f2e105084dd41fb2305dc008d5bffd2
2cad1c8be3f8f84a05361f5b560fbd93895541c6da9de09b995ee742f0b4c6ea
2cb404cd4798c3d35c75ce97120c251ac19174af1270ed1aa8e1ff79d9a11a89
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f91051c6387dc5a5c2f7b666d8ec34f4309faf1963fe876ebf2e363ab1db9e1
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3058dc49b1d849c9dea2f9177220a819c4c69e820b681689e81fea28ad6436e1
31b3b3ac7c512819ac805a25ddf3876da73c829719c83fc1a9f3f25e50184fd5
32357eed6ac0bebf5b7cbdb484c3a9ff7f75f97b2c557e21ae7e864ee79ba001
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
32efe5b98531569d4ee92ffd791b6c3ad191a5178b224377fc427918ae4e2caf
345a7aa8d7b28169c3bf25487bf23796a7b534ef1d477f42ac59b3998aa70e13
3477d1a5cc20a40ebf68fa0c6960b02782cc9b68cb2029c70dc1e3035cc79818
34de3c28ebc456ce336489e8cea9ae56762fdb1e7691c2a080b00256c98925e8
352485f4f02677cb02d6a7d8a0513f0febe7b5dd2927639e7f86cf692be9bcf5
352b7bf6d48a2943a7967ae3f4f40ba3c024c7c67bd3c46afe6d182fa065fa6e
3531a6038d8c443a058d56a478b947afeb7b0e472a9e4f9069baf654b19d97a0
3724ff4acc49942a03ca3d38953a5721172ecb22c5e3e7ec7d009716cfed3491
37653053d6382819c4b7b32fa831a99cefe28dc29abdadc27e811d1f659bf828
3c43a5fff386efad93d29366d9ea242706f6651359d2fe7eda0fc88555fbed9b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ecfe25dde4e16be2f164605d9b886937415f62f9ae69f38ef885f693e7b6339
3ed4d21ae604cee31eb8d3680b53e02252742c90bd4bc0c49e335b9285175e63
3f442ff88e8a65622fac2d796750ff92a14fe177b3250ca335acaed8c0bad926
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
408e07766f4738e3e94903559e84f884fb9504acfe3e7b9e7aad6e6f267b2757
4176bc6d8b5357779cc56579a19f114f37fbdef8a593d3b175c0e9e064b05160
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47a992aa86f3ad323fb1a1cc9722d7eddb7f16452fde15dc410d3962b0b78879
47e04e3adb8fbd74845501ee0903b53b108d7932e4e6f812abf7abd5b4ab8a0f
481192fe255cb7de3f6430a096d885c9e1830d4505fabb0485802bc27db1d550
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a65b54ac1a5135f0684958f16fd517109b2d20784872044727a7e56fc1d8cf
4b61d67cfb38ba82f7b4e1a8ef74076448c58e31fad7078fc2c9d9f2c8d92669
4b6dbc71e6e29f04d48cb830748025f0c4c2428cbdaab7675b3dae6f202bacd7
4d2fb88aeb6d9ea6c1d954838ab01df3532789ae6ff6fe8bafd663595d948633
4dfe3321144fa90a24b43850c00ebb242704dbc06e806fa44f314a756e403f83
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5039ec9d87a3b723597f43de14496c18092fd8582de101c8339928cb3f1de150
50fd00dd43f5499a811b8198638baeabc5bbd7760c3673f09374930c3fe258ce
54452be992ca4a705e9b73377641b1a9d38df3b08e87b79c305a9214399f44cb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551c48f82182b638fab2409909b7ca6a95aea4c955f1666aca108ce2fa0b14a8
553fc7c7cd881783ed531f223660125e4bb4da4e6001271833a280301b54828f
56671e79863944543228db7a0794d9296dfa5452c0d3b79e003f26bbd2bafc04
58bdcb1138e327954de2579afab2746e3bebcc5168889c5c4f0e1a072410f7a5
5aded642b1abb82543fe9109e8941ecf20187725e620f653e5a4493f98bfd682
5bc1d79e5d9f5efafd0073663e94fb41a423b22ae2996252406d75c560d8d2b9
5c4e845bcc008de8e28592d2c4d67050fafc6d5a6dbe2ea76b6039d377c7f4d5
5e7ca5832e619db39923a0e814547a8fc802c7ec694ee3c96a200760f1e26c5e
60c0a36de347e1c4343a7cd87951674dd4a706f93bdba4dd41aa9687ad52cc2e
61f2a206e837d144c8f3cbd4729e6a4fd1b87a593c69d9c8a6ae1aa04677b0e6
62ccdec87ec6292a3fb72ebd993074b9bd6959c431d5f6d287494f520b06a394
630a4f0237aa55482aef3e5e16bfd7c0db7a93be19d41ef0c2f4271e7df23930
633022787a1ea491c2f88f4b54bd670da0bd0a4980ac67b113ab351845b66b9c
63d0c3c13aaa0c2c574d76cb18ce07ad07371fdc97afa0db274913563b9efb99
6442aad14e5b3c31e93b71c361b08fd971c75b2280f7d52056bd3aac49e501c3
650f2eccd059ae0ba2f37ded360e6f763ab2a4cbc99b40f3d94b517e90b50c5d
65433ce9f5c2db2aa8c98d3eef8516d5e818cd23d60ec0e0bfd94c40c9f8d368
66541afffbaac31c9f3a895b358478459a72e9b44b9ca50b7b9e959130b495e0
670b6dcbd4f5cd58abc0a4aaeabdd0f47a0fbe79e613b930341ff6117fab0070
68c6d5e89006af6b3565a2f81aeed985564ab54cf6932853746704ae6703ee14
6941796b3ef2f1cd8a60dc8497dafb587a4a46633f6408e1d0bf5da906e7546b
6b1476888e97d03bc36e4b8f28cb89379d2efb525f488e0fbe3e129a364a20ad
6bc4b44f1af279468652f19e99e5be22e51900ed7d3055797263993d61a2089a
6d35f52b30d70b3e8f54f21c227931826b9ca43b85cfd826ca19ce827f25c58b
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f7868215a21ca7e8cc040f664ed03556e5efc7ab0e18a7453b9d1c28913d430
6fcc435c3c0d1214264356edb0a26210a6af601215cda8347b75afe4a040adb7
70b0ee24d1a960d5daa14929ea8845d72d443df38da9647c78b7efa1a4f89280
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75a9ef368cf6a87b95edba8530bbde9f611da0d8c0128dc995cb78573538d5c8
77d80a07dd5c20732e3936da19eb384f296c6a2502632d2ad63c2eaa9c122724
78450ec69f1f43be5a6f584ebff62a7f3dd8101697c235df6ba2837905f5feef
792318d91d50f2a952e08ec9ad3a4c081d969d62730ef9d4a567da45c8ad635d
79ed50d749590fdc3b11fe00ed3709a23b9eabbcc7cc641811f3aa2e1f8c4c91
7a012e00cc6c9fea6a77b69d7758d25de92b83f4a9fb20b4354d7ee0daf9bfc6
7a0f17603fb537b9a68b2d8e80b07f10f0a56a0e89c2078d3b9f25c801171eb6
7a9f92295e07fcc7a88e60b0bb1ecedbc195bbd9a845f2082c5afaa6a7a6003f
7c034b19f711fd6e88764869010c5cccb03724a82bedcc75d3f047512ec223cb
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e8bb4e11b8f596241df31a341a3a401652b92abdc68a3b6f58cc50f1d5f383a
7fac9a6c7df35b075a0ae3c7873e9b34910f17bbd1556ff0fbe3275a84e58698
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8324fd56c49588d8097cb72b2284cae5bee4ab3922b73e448e3bd61aee32b107
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838a3132953125c5fb4deb7f199df47f4596aa2380d672f9c322dca8367c1817
85470d9f03454c9942e07b01e8fcf9a911e1de4ece36a8c55e1b427ed98822a2
85d5342b0ad8457c692ffbb284dd252d8553932e39d75771fabae58cdd614b63
86e827ed134d0d3463516287888e1d5bc0e48029519e82b977b41d86e4985a25
8a41cf73aacdc5d219d5cfa02e597f7634c2bc853a9886cef621c5f7ba150fdf
8b4c0f06de2af30b0d26b6360eff4eea02c2acf1cfc87d4f3266fc3e02a68dac
8b7a9c0b7d1793ee17e59d95b00dcf775ca800a48b2397c0be2fd3674e7dc61d
8bd39c0761fc83fb4f48dac35334f5b28980acb1abdacfcbe1c03984d930e75b
8c8d2bda4f39810c8650a74cece803ff55b40bd234f9ca35068b6155e0bc7555
8d3d54f42513f0e67ebcde4ffc3a40c4770f6824611aecc523d29233e34b18cd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ddd7e2bb0c4c1a2dc49b4ab6a3d7b6f9b9c4f574059f1f5ecf4747209d033fc
8e458677a661ebcdf7ce3cc8b65a88601115c701f7165a01b0f968c377cfbeb4
8f7fa452a755e2a802c1211e81129128db8510c74eee0def46702518885e269e
8f891785dd8326d095f6c19c4c63134d007153912320d95f0c58347787554fe8
8fcbd20742a924b0c2637c326b816fd4ff74a6584cbfb3030a503f1fd5c92abe
9029db23f4f85ccc165baad7b1faacd6dbf338374ec896e968d97bc0d53c8eb6
91e92f74169711752632b43feebb1b964265b6e9d9b62a31035599d2919d40fa
91f4da945d127e1b4f9d684ec4e4f1c24cfdbb8504d7b53c4c6b2ef9aeb1676b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9407c0251bd7b695a38698d04bbb15514ed472e11797aef7793b9acb2b04fcff
949b46503ffdec1b16c1c336ca6df94bd620a2e64f29d11d6b6757face249e65
94f2b63c4b8bc91fe2ffc208f42201c7f3ee69a1df3955a6c497fdf5293f18b0
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
9561cebb87f7458fd7ae37a964e1041518f954ae00634ff8726234381f35c6d4
9584c8da5e38495a93fa58ed0efe855fd33a41aa972bcd33ad1d867828964517
96db78688eeaa912da69dc30b36409f108e9814426f15a9d6eb1cc76640a37c2
971cc68c80406fb0b59f70d1f515940a38617a2ade2c3267f7ef3c19dd2c9158
9770fb981bd8655645d079cf5cb917e8024ee57858e1e4bfddb0d90d4b4dfb33
986d2765ee5233d76b93e68ad82e9406d3c887a911b848aa6c65f05f432ad6d7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99b8813666fe09cf6c177c07819a156266d727b55a0616c37b17b6c16aef2f14
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b6b89eaeed8a27571d77afbd7758cb8f1849f13df2e78eeab4ea396e81ff974
9d3edf5878aaa6193a4dd38911365084c3c8b1e0a53159e301c5b2364b0191c8
9e642752027fd880799fad4fae3d0df39b2dd99f9484a0a6fea636582ea4a735
a035f489dd38394d1c1135c7461b55e4ee51108f71fb3cdf491489a0c4eb1861
a0b0f4043d98c8820799cf002342c7ed43eba3760b5b93dcf33dd060f9724909
a1962f56716c3fc8e93e593dd611f7b45a8632bacf8df45b56f9dcc5b3c10958
a4b1eecebb71a3c06f6b4959c3c1961f7f4351e715034315d404bdff7eaf729d
a586f675b3b5380e521d24e3cdb674e4b2cf89d56314da99cbdc1c9889f137df
a865a5549152ebd0530fa3c2ee42bfa06cb16b952a2373e0bea3d393df63d72e
a95afbe0ea1be4281b39b10ec3b7e6a2b5895a5b6c9e74d9038dcede3d2b0003
a9d02ba67a936af55ff2676e5fe0032f64816991a66c32acf077859032f226ff
ab757d43f2206a84995307329f0dc63a1fdf175b6f0e58e3a80c681af6d606d8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad26536e0c9e76ed89ae9077a022b694029c494e02cc1a60421fb157b081ee16
ada9f0c5bd47cacb9d1bf77928ec3b2005cd91f7bda69b9302ab5bb40c6d4fba
ae3a9914c26a945cb98fafe85bf6e65a25a02ab5344c5fa54871864f25399d9e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1117eb7050965648e6e283a9dcc688ee13e3ac8555f286732d82fa63dbd06d1
b13ae7e17fd6685314f4ea71d7c5b4249dd0e39aa8ef6ebc5fc8b9a31d3d6f41
b2c109620b3edfc2df29d708157bf593fb78493a59cffd76bb5b444bbea95d58
b384d585fbaba6b6dac692948decfe5cdaaa274a94fdf7ca8246c0b7765be7e9
b3fbc63c639e25321cc5910144056f6f11df12ba3a8738bab5dfb1c1dfe50f41
b64327cd65d0b974313324e717eba7e8f6604378f848e86e2becd1a317c3ba8c
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
b78a770b2c0a51d0c35dff997247466171c251f5d54c4e701431bfd1cf1771d5
b7a473af21bbf29247002d310fa65cc9a04ae63c02c343a36c0a5e7dc1cc22e8
b7c62ee64ae8097484b8a7b0e25ca1e174f9e7a79ec0cd2ea6aaf2fa2ac0d149
bac904b324ab632c983d652fab88f57bc606e75b3fd99842bb9fdd816c63863a
baf4fde8e66544021f0ceae1f48f8d1edb33bc1b0bed7d051ba4423aca155c5f
bb0db7b8618c44b39502a90d2bd5060d0ad48a4812f95661e9a45cc516f9ed4b
bb1573eac2acb3cecb3f3b3880b433c61d441258647841cb88d7801905b2bd04
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbfe35357e92be2143fd8a3fd131911fe164b694cfb457960a9a13627c1bf4ad
bf0aebd58e52cff2ea4b6f333dbe5d326268d58a5738259217757a8944d0a525
c041863f2b4f0e115790fd4bc4279b51efb76c68f496f866412c7be7274fb426
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c2c484ecff83da72450d8aff99257eba9f37e56993235964f531837ccc858fe9
c5dc250228b63ec45ccaf25c7c7b9103a504bd5ebed035e88067475076c4b78d
c642a43ff8e9e4ed068b6ef2722c313592191b914069968696608765b5e6719e
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c8615aaaa7fdc9f56622310ae9d4e13338daea5fefac1245db2cb42b8d54027a
c96f1f7d335c62de50b20e8fb947d900476736ee9849b1651948020c99830546
c99cadd1ad6f2e3c7563dd5c5f5331b623c25d6e34a068e9e5215ff4132a9454
ca08a0844550cab6d8639a4c694a1697056bef8009a5bb27cab645a8106c1786
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cabb3e4ffbbe312b58437e244a2ee8071864b015f387c7d98773ecac924f3a12
cb068a653639dcb56965adaba3ab222cbe12841ede3b9adbcf66d98d5883847c
cb9fb4000086474f84dcae9a54dd2862d09878bc505f1d4b5525755a5723eca9
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce56fc49613280d9c2e95b2917ba846152a054cb152c5e92cb54aace37df3c36
ce81e754fcbc04b6124b0a1e9010c8fe1c48495ae51846b61dcc28327e3b337b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0b3112a8022a1d3df70e98c40b3926dea9f528073250aa584527ab6427e5d71
d13e2137b97510a7ecd74b7e7ea2a75da2c4e41d5a2939d2adbc8434c83d2d3d
d22ea328ef996fb9d21ee2ca854e754d553fa0d0c75a97047046a1d04309cd3f
d3854f9aef9bb56a35fc2862f04a164db1fd159f7c8187d9263018e204527408
d3bb6598915d7cb507f6016893bebdf5a7ba8ff86c1ad77dc2730f17d071843d
d47b539472c50c9136f0a7d0c64e3d0d5c4d1812e194f76ffe45dee255e59ae0
d79912531388f6a6e55e50deac0cf5d275df28e5c2f9d4afa8d0f58072b93045
d7affc2a1f4eb6297468d97b37a5350dc46d7d5bd10a7eac7fd4df4236c4fd5d
d7d59e1901c5a25a5a36a3e4d2d48e1d222cab726983f4996d788ff0dee85253
d9122a54cd3e00002284794752e7a02513146bd60b8713227003f9088c0c28a3
d91ab5dd8558acbac1d07624b3cb0f5a421325187786006e9ec94efc26d88844
d93aba0000258a95bc20fb64c8fda214b07add40da84a783871601a319dfb80c
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9da809ae1419eedbf9d4048b2319ddceb6c115ee85ce2ad4f2657fd42471199
dabe6ca686641f1ad4ced584c79cb25b821b28076d19d4464e4e034c75e13322
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd09d1d739d15f9d6ee30bc243d1e9ab5c847846a05e58ab0411e47b5a6b6569
dd18d02e16379e52b39ce7c7884616247f57bd1a40c6432ed9dadcac3bc7d271
dda7d818d924dec97d16be3eefd3869145dfa2db4a870842994041c108cc73ec
ddab1542776af2c183796feac4698b616858acab1f86d7adc1fbe1d036bda597
ddac9c3e43934ee5886aeaaeea2a5b58b31f3d0dca35ff480065621b2f5bb59b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd3bec4e1ab2fcef0c9a7e0961b0d417ac0dd22113c5bcc2f98a5aae847bd61
e0e09adc349a4ec0b092c5ad5163279fab9a1471f9838c3445376d8201447f9d
e1c21e5a1eee07233181dfae87478c6845ad2e0eb9ada9966e42e1afdf073aee
e22d06839445e8e5127b3f42c6129a3d4b7e1869c80647b7d4d948ea74a232ed
e3010e888c02174130bf5d52bc15cc2659f569fc088d1b93340019c525009573
e35355fd108a997fcc1cd4ea3e24bb38e798fda6948b9e3ad4f3b77d59fad980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b0c5d02a95533fb348d11c1e2850264c849960249487671d221bdef2eba502
e80574fa6253401684f48ffe86ab25e9d84cbb8ea36601b1b72cb36e195bfcc8
e8113885657b316d18fe6863ba7ae9175e000e3d4777b9cc4b7a11e5bbe1ab66
e90f4217307d48274ca388de4746a2a91ad1a49774ed7c341cc6319b146298ea
e9204e077b3d5430569501ab49f811f2938f2e3b08e18983cae847a1e6ebb94e
ea0a3347586d6655b46a02ad49e267649273207f1099d548e069cae4b7b2bc61
ec95dac3cab7f059daee4a4127ffb52da7e35ff404dc59dc1369b24786df97e5
ecf5d667778b93ce2386f53f403878f2c77034c38c7bd2eef99036f1ed275454
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11639f1d65789a93d3f4de1d94e4cffbade35c6bfdaec735c41283d905adf56
f1ab432a2f8e59194ec67510a15b66fa17a46fc020f84f8dce1f8e0d8d75cc76
f25e58d784e0fb5cb719c92ec2aae9f13ecfed6c2f3d105185696859617c8fc2
f2646a598b5fd78c69866c2e1025ba57cb1115cf5df7ed6a06fa270877dd0ab4
f464b79c2b346a2655e2242c4caf8ea009468832598577c3e664c0c5df76adaf
f46844d512212ef39ac03bece95761175c4f198fbfc059acc7c2f5d75a0086f1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fbbd05d1c065e3acffe7cd9dd1d4e8e46050efa5a6714f1844abd3954c83fd5a
fc3ea0e39d7073725836e52297ada0169a423e10671c9c556a6dc937237a955f
fd2770261d17331f0f5b61efa78bdfca626de50b0e185702a22de50ba67da863
fd69403921aacbda547e27b6b640150652bdc3f9942edce578cea7a3fc9a11f8
fdc3fd4bd8e40fc6c25ec03029cd5ff2b02c4486988545c377dd9655ca346dbc
fe4f5830e8997ab78a44111d6e1df8277d82aed669902985683e040a733c05a7
febe3aa909b84b4591cbf155472b54b2aa9486c0d10941673594f1f97f12d255