intel471.com Open in urlscan Pro
2606:4700:20::681a:f9e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques
Submission: On November 26 via api (November 26th 2024, 11:43:34 am UTC) from IN — Scanned from DE

Summary HTTP 36 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 36 HTTP transactions. The main IP is 2606:4700:20::681a:f9e, located in United States and belongs to CLOUDFLARENET, US. The main domain is intel471.com.
TLS certificate: Issued by E6 on November 15th 2024. Valid for: 3 months.

This is the only time intel471.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:20:... 2606:4700:20::681a:f9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:bc00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a04:4e42::720 2a04:4e42::720	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
36	12

14 2606:4700:20::681a:f9e (United States)

ASN13335 (CLOUDFLARENET, US)

intel471.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:bc00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42::720 (United States)

ASN54113 (FASTLY, US)

intel471.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	intel471.com intel471.com	367 KB
6	imgix.net intel471.imgix.net	2 MB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333 px4.ads.linkedin.com — Cisco Umbrella Rank: 7032	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	315 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3812 cdn.acsbapp.com — Cisco Umbrella Rank: 4086	139 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 831	14 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2580	950 B
1	osano.com cmp.osano.com — Cisco Umbrella Rank: 5209	61 KB
36	9

	Domain	Requested by
14	intel471.com	intel471.com
6	intel471.imgix.net	intel471.com
4	www.googletagmanager.com	cmp.osano.com www.googletagmanager.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
1	px4.ads.linkedin.com	intel471.com
1	www.google.com	www.googletagmanager.com
1	snap.licdn.com	cmp.osano.com
1	cdn.acsbapp.com	acsbapp.com
1	acsbapp.com	cmp.osano.com
1	js.hs-scripts.com	intel471.com
1	cmp.osano.com	intel471.com
36	11

This site contains links to these domains. Also see Links.

Domain
accessibe.com
archive.md
www.qureca.com
finance.yahoo.com
www.weforum.org
carnegieendowment.org
www.dni.gov
www.cisa.gov
www.fbi.gov
labs.withsecure.com
www.darkreading.com
nvd.nist.gov
cloud.google.com
msrc.microsoft.com
attack.mitre.org
cyberscoop.com
nattothoughts.substack.com
www.microsoft.com
www.sygnia.co
hunter.cyborgsecurity.io
www.facebook.com
twitter.com
www.linkedin.com
thewomenweadmire.com
www.securityinfowatch.com
www.scworld.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
intel471.com E6	`2024-11-15` - `2025-02-13`	3 months	crt.sh
*.osano.com Amazon RSA 2048 M02	`2024-09-17` - `2025-10-16`	a year	crt.sh
hs-scripts.com WE1	`2024-11-24` - `2025-02-22`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2024 Q4	`2024-10-09` - `2025-11-10`	a year	crt.sh
acsbapp.com WE1	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques
Frame ID: 3221A3CF42466875C04EA36A1A9C11A4
Requests: 32 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fintel471.com
Frame ID: C4C06B839F9756D547ADC6CD8EF10E6D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A Look at Trending Chinese APT Techniques | Intel 471

Detected technologies

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 75%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

36
Requests

89 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

12
IPs

2
Countries

2467 kB
Transfer

3972 kB
Size

3
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

URL: https://archive.md/ilwcb#selection-2313.133-2313.154
Title: cautioned

Search URL Search Domain Scan URL

URL: https://www.qureca.com/quantum-initiatives-worldwide/
Title: estimated US $15 billion

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/chinas-ai-industry-could-see-093000369.html?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAANgpYpDeRkd8d53EOhsJQv9s4-7Ei5fld1gbymMmr6LXdSijNRYMxjJGVEMeoZh8tIa2GnhxT7bOlV_8GShDzsQZHJCEALDYRHa_dTKGejTlNpcODAqXDPIiQKCj2MnHAj0Xc3VYIcOX5TsUcuRTJZzurvRO21mDMmcdOOEOWCuS
Title: US $1.4 trillion

Search URL Search Domain Scan URL

URL: https://www.weforum.org/agenda/2024/06/why-strong-regional-value-chains-will-be-vital-to-the-next-chapter-of-china-and-africas-economic-relationship/
Title: Africa

Search URL Search Domain Scan URL

URL: https://carnegieendowment.org/posts/2024/02/how-chinese-financing-shapes-the-pacific?lang=en
Title: Pacific Island nations

Search URL Search Domain Scan URL

URL: https://www.dni.gov/files/ODNI/documents/assessments/ATA-2024-Unclassified-Report.pdf
Title: espionage

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/topics/cyber-threats-and-advisories/nation-state-cyber-actors/china
Title: assesses

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news/speeches/director-wrays-opening-statement-to-the-house-select-committee-on-the-chinese-communist-party
Title: said

Search URL Search Domain Scan URL

URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Title: WithSecure

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Title: Known Exploited Vulnerabilities

Search URL Search Domain Scan URL

URL: https://www.darkreading.com/vulnerabilities-threats/zero-days-in-edge-devices-become-china-s-cyber-warfare-tactic-of-choice
Title: an estimated 85%

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-038a
Title: advisory

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/sites/default/files/2024-05/MAR-10448362.c1.v2.CLEAR_.pdf
Title: KV malware

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-2868
Title: CVE-2023-2868

Search URL Search Domain Scan URL

URL: https://cloud.google.com/blog/topics/threat-intelligence/barracuda-esg-exploited-globally/
Title: Mandiant

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26855
Title: CVE-2021-26855

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/groups/G0125/
Title: ProxyLogon

Search URL Search Domain Scan URL

URL: https://cyberscoop.com/pwn2own-chinese-researchers-360-technologies-trend-micro/
Title: saw success

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321
Title: CVE-2021-42321

Search URL Search Domain Scan URL

URL: https://nattothoughts.substack.com/p/tianfu-cup-2023-still-a-thing
Title: exploited in the wild three days

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/security/blog/2023/08/24/flax-typhoon-using-legitimate-software-to-quietly-access-taiwanese-organizations/
Title: Flax Typhoon

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-144a
Title: leveraged legitimate

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-270a
Title: used

Search URL Search Domain Scan URL

URL: https://www.sygnia.co/blog/ghost-emperor-demodex-rootkit/
Title: Ghost Emperor

Search URL Search Domain Scan URL

URL: https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-orb-networks
Title: “constantly evolving mesh network”

Search URL Search Domain Scan URL

URL: https://hunter.cyborgsecurity.io/research/hunt-package/bc0fd59c-4217-46a7-a167-764727118567
Title: package

Search URL Search Domain Scan URL

URL: https://hunter.cyborgsecurity.io/research/hunt-package/f669108f-c593-4de7-aa8e-356583a2ef65
Title: package

Search URL Search Domain Scan URL

URL: https://hunter.cyborgsecurity.io/research/hunt-package/f90202f3-107d-4841-ad26-26f378c86f65
Title: content

Search URL Search Domain Scan URL

URL: https://hunter.cyborgsecurity.io/research/hunt-package/98846e7f-c90c-4156-8643-54a613286b66
Title: content

Search URL Search Domain Scan URL

URL: https://hunter.cyborgsecurity.io/research/hunt-package/0eca36b6-57ef-42b2-bf74-6d0b7dd12aa1
Title: use case

Search URL Search Domain Scan URL

URL: https://hunter.cyborgsecurity.io/research/hunt-package/fb2236a8-8e03-4f52-9b2f-1036b7a8a8c1
Title: hunt package

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques
Title: Share this article on Facebook Share this article on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques
Title: Share this article on Twitter Share this article on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques/&title=A%20Look%20at%20Trending%20Chinese%20APT%20Techniques&summary=Cyber%20capabilities%20play%20a%20key%20role%20in%20achieving%20China%E2%80%99s%20strategic%20goals.%20Here%27s%20a%20look%20at%20significant%20state-sponsored%20actors,%20which%20are%20adopting%20stealthy%20techniques%20to%20avoid%20their%20campaigns%20being%20linked%20to%20Beijing.&source=
Title: Share this article on LinkedIn Share this article on LinkedIn

Search URL Search Domain Scan URL

URL: https://thewomenweadmire.com/2024/11/20/the-top-25-women-chief-customer-officers-of-2024/
Title: News The Top 25 Women Chief Customer Officers of 2024

Search URL Search Domain Scan URL

URL: https://www.securityinfowatch.com/cybersecurity/article/55244478/how-todays-ransomware-groups-operate
Title: News How Today's Ransomware Groups Operate

Search URL Search Domain Scan URL

URL: https://www.scworld.com/feature/how-intel-471s-ashley-jess-stays-ahead-of-the-bad-guys
Title: News How Intel 471’s Ashley Jess stays ahead of the bad guys

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Intel471Inc/
Title: Find Intel471 on Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
Title: Find Intel471 on YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/Intel471Inc
Title: Find Intel471 on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/intel-471/
Title: Find Intel471 on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/intel471inc/?hl=en
Title: Find Intel471 on Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6496548&time=1732621408285&url=https%3A%2F%2Fintel471.com%2Fblog%2Fa-look-at-trending-chinese-apt-techniques HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6496548&time=1732621408285&url=https%3A%2F%2Fintel471.com%2Fblog%2Fa-look-at-trending-chinese-apt-techniques&e_ipv6=AQIc5XaF7bZu8gAAAZNoSJlreCPLhwY7FYJ81ze61lWiiHXQf5jqLlROLvfU2n04RBOXMlUfacwSq2LSdjZzD9h9ybgDfQ

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request a-look-at-trending-chinese-apt-techniques Show response
intel471.com/blog/ 161 KB
30 KB 2758ms
2676ms Document
text/html 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5eb6e2d1268df285fe42265ba3f4f03d03082f72bd86d6854ad136210a13718

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8e899edcd8bf35e8-FRA
content-encoding: br
content-security-policy-report-only: base-uri 'self'; default-src 'self' www.youtube-nocookie.com data: blob:; connect-src 'self' forms.hsforms.com cdn.plyr.io noembed.com analytics.google.com stats.g.doubleclick.net www.google-analytics.com cdn.cookielaw.org cdn.acsbapp.com api.hubapi.com forms.hscollectedforms.net wss://craft-intel471.ddev.site:3000 ws.zoominfo.com pagead2.googlesyndication.com tattle.api.osano.com px.ads.linkedin.com snap.licdn.com; frame-ancestors 'self'; img-src 'self' d39ec1uo9ktrut.cloudfront.net intel471.imgix.net i.ytimg.com forms.hsforms.com forms-na1.hsforms.com cdn.plyr.io www.google.com lltrck.com track.hubspot.com cdn.cookielaw.org data:; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: cmp.osano.com www.googletagmanager.com googleads.g.doubleclick.net acsbapp.com js.hsforms.net js.hs-scripts.com ws.zoominfo.com lltrck.com js.hs-banner.com js.hsadspixel.net js.hs-analytics.net js.hscollectedforms.net www.google-analytics.com cdn.plyr.io www.youtube.com craft-intel471.ddev.site:3000 www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' cdn.plyr.io; form-action 'self' forms.hsforms.com; frame-src forms.hsforms.com www.youtube-nocookie.com www.google.com td.doubleclick.net;
content-type: text/html; charset=UTF-8
date: Tue, 26 Nov 2024 11:43:26 GMT
link: <https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques>; rel='canonical'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtPC%2FkgKR0XGvB9EY9va2MuuXdsp4F0jUaUlz7oP8edXOcjYzJp9Z9hYq%2Ba2xgmiLz8LCjTFVNTaCP903Yu2fLzJ%2FOy3v%2BSHWk4dGW%2BQ14UUnYI%2F2j3owaN2PI%2FzpHFrT2UgNHoxyAa00Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=20105&sent=7&recv=13&lost=0&retrans=0&sent_bytes=3934&recv_bytes=2378&delivery_rate=207413&cwnd=254&unsent_bytes=0&cid=312ae4900dcd20bb&ts=2699&x=0"
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 intel-website-production-64f9c565b9-mc7sj:8080
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: all
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 osano.js Show response
cmp.osano.com/16BW6xUCfaBzZ22aX/d1f5b864-78ac-4edc-96fe-7044e6fc07b4/ 234 KB
61 KB 488ms
318ms Script
application/javascript 2600:9000:223c:bc00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16BW6xUCfaBzZ22aX/d1f5b864-78ac-4edc-96fe-7044e6fc07b4/osano.js

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c4b236ad837ee8695de4c855d1737265c3b190bf511ffc8531ddbfcb66f7b5cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

content-encoding: br
etag: "d9bc4874715975bd781d397e99292dbf"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 1Ov9V0HB2o2j20cVjzi25paqVe0zuHQvN9-THm3T-NERyIUhEWRCmw==
date: Tue, 26 Nov 2024 11:43:26 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 18 Jun 2024 17:21:10 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
content-length: 62011
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P2
server: CloudFront

GET
H2 200 8813571.js Show response
js.hs-scripts.com/ 1 KB
950 B 396ms
232ms Script
application/javascript 2606:4700::6810:8bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/8813571.js

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

331c740d7f8e9ed0e273c42819cef720d6be4013258649f2536b12f7609b9e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: EXPIRED
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 11:44:56 GMT
date: Tue, 26 Nov 2024 11:43:26 GMT
x-hubspot-correlation-id: 1958c8ed-3c5a-4d2a-96df-2a1877328715
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Tue, 26 Nov 2024 11:43:26 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8e899eeeca3a18d3-FRA
accept-ranges: bytes
access-control-allow-origin: https://intel471.com
content-length: 581
server: cloudflare

GET
H2 200 app-dbc5d20d.js Show response
intel471.com/dist/assets/ 203 KB
75 KB 74ms
51ms Script
application/javascript 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intel471.com/dist/assets/app-dbc5d20d.js

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c331fdde0a24c4e9f0d0c33482125c03e66dcad91ca4b83b8ab1a7a0f9a84139

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://intel471.com
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 1044079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MSkOKqkAeFSfXtk%2FSgml2%2BsSPXTQVVh548hqRt0vfKtCdvr1%2BV2aehQ%2FkeKOqJ%2BrNiFjW%2FwNxBCl648QQP%2BSat1SYEF53cba5yNziWklJwVarsZOoQ6NPePHjV%2BIHBci9domyhovHkRmgw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 23:09:05 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=23502&sent=73&recv=35&lost=0&retrans=0&sent_bytes=62169&recv_bytes=2651&delivery_rate=1150908&cwnd=257&unsent_bytes=0&cid=312ae4900dcd20bb&ts=2799&x=0"
date: Tue, 26 Nov 2024 11:43:26 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Oct 2024 22:59:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899eedeee335e8-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 app-f2487995.css
intel471.com/dist/assets/ 117 KB
26 KB 73ms
51ms Stylesheet
text/css 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intel471.com/dist/assets/app-f2487995.css

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f248799540381cf6d71a028e05e9688b0901cb30a112bd9354ea2ac2f1501698

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 1044079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vD6Vz2nWgub1JmTdWlGFjhsQrdOzjRpJiw9rycqybhgOfQ%2B5OghSIWWD0JLzQ6tWrDPPFdD8rnwgKOS5yeB3Tn1%2FH9EuXGu5%2BuVxxx%2B8GGp9aGnZZ2aqBN0K5v68b%2B%2BZZZy6g%2FUIzTkusw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 23:09:05 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=23502&sent=46&recv=35&lost=0&retrans=0&sent_bytes=35083&recv_bytes=2651&delivery_rate=1150908&cwnd=257&unsent_bytes=0&cid=312ae4900dcd20bb&ts=2797&x=0"
date: Tue, 26 Nov 2024 11:43:26 GMT
content-type: text/css
last-modified: Thu, 03 Oct 2024 22:59:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899eedeee235e8-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 AdobeStock_481618570.jpeg
intel471.imgix.net/ 2 KB
3 KB 127ms
32ms Image
image/avif 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intel471.imgix.net/AdobeStock_481618570.jpeg?auto=compress%2Cformat&crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=72&q=80&w=72&s=12d6e31a9dd2921e5febbd018774d1ad

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a2a2067e9f4b2766521ddf77cc6e55c751c088ba2c9b43c28818a1598967a7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

age: 2556982
log-mgt-timing: fetch=695191,misspass=488,do_stream=0
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Tue, 26 Nov 2024 11:43:26 GMT
last-modified: Sun, 27 Oct 2024 21:27:04 GMT
x-served-by: cache-chi-klot8100166-CHI, cache-fra-etou8220112-FRA
vary: Accept, User-Agent
content-type: image/avif
log-mgt-origin: ip=216.239.34.53,port=443,name=F_production_tannhauser_shield_chi,status=200,reason=OK,method=GET,host=tannhauser-shield-tcim2ltlua-uc.a.run.app,path="/shield/AdobeStock_481618570.jpeg",qs="auto=compress&crop=focalpoint&fit=crop&fm=avif&fp-x=0.5&fp-y=0.5&h=72&q=80&s=12d6e31a9dd2921e5febbd018774d1ad&w=72",shield=CHI,src_ip,alternate_path=0
cache-control: public, max-age=7952400
backend_is_origin: 1
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2091
server: imgix
x-imgix-id: 88da7f4974264c7fd418a63d61da79d76eb33025

GET
H2 200 Malware-Intelligence-Data-Sheet-1200-%C3%97-600-px.png
intel471.imgix.net/ 2 KB
2 KB 125ms
32ms Image
image/avif 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intel471.imgix.net/Malware-Intelligence-Data-Sheet-1200-%C3%97-600-px.png?auto=compress%2Cformat&crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=72&q=80&w=72&s=23c315aba6daccd9274bccbcce28f8de

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

714f7c90ba30ce1e60d2f28c142c3c21bcd4a8deb135e0f1e3c7e5aeb8e8d898

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

age: 8670
x-content-type-options: nosniff
x-cache: HIT
date: Tue, 26 Nov 2024 11:43:26 GMT
last-modified: Tue, 26 Nov 2024 09:18:56 GMT
x-served-by: cache-fra-etou8220112-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=7862400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1718
server: imgix
x-imgix-id: 3bd64d2350e821c6cf89e0b58c6949f92931d2d3

GET
H2 200 AdobeStock_517671963.jpeg
intel471.imgix.net/ 2 KB
2 KB 28ms
26ms Image
image/avif 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intel471.imgix.net/AdobeStock_517671963.jpeg?auto=compress%2Cformat&crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=72&q=80&w=72&s=85ffb16c4311369b2462a1e0e6ff5bf5

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

09a9bb304fdf597f058a0d00a748eda7bb6228bce046601498f4b055e5fa4151

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

age: 1832375
x-content-type-options: nosniff
x-cache: HIT
date: Tue, 26 Nov 2024 11:43:26 GMT
last-modified: Tue, 05 Nov 2024 06:43:51 GMT
x-served-by: cache-fra-etou8220112-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=7952400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1666
server: imgix
x-imgix-id: 276fbb6ee0e694dbfe2a19f825bdf4292b6ee22d

GET
H2 200 loadingSpinner.svg
intel471.com/dist/svg/ 678 B
861 B 121ms
119ms Image
image/svg+xml 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intel471.com/dist/svg/loadingSpinner.svg

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3d9a6410d58253b5eef0dc22ed5a8318a4dbffd53d119d7d2665997af19615c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 1044079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qm5eZGE7M18%2F%2BMJ9D77CCbKKDkQXjb5XjHe%2B2Jwz0eLEddxU9nU1xzFkCBkWGGbV%2F0PkSjYazx2t0ripIGwf8FfIi%2FuTfCqU6u5lJtZXZL3RvteZ578LTUhcH7cL6ve2xTtOhjBC61BlPA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 07:00:40 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=21519&sent=149&recv=73&lost=0&retrans=11&sent_bytes=153531&recv_bytes=2785&delivery_rate=2225442&cwnd=257&unsent_bytes=0&cid=312ae4900dcd20bb&ts=3018&x=0"
date: Tue, 26 Nov 2024 11:43:26 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2024 22:59:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899eef3fd435e8-FRA
server: cloudflare

GET
H2 200 rsz_adobestock_463542729.jpg
intel471.imgix.net/ 5 KB
5 KB 90ms
88ms Image
image/avif 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intel471.imgix.net/rsz_adobestock_463542729.jpg?auto=compress%2Cformat&crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=200&q=80&w=200&s=58ab07e9178d449ad8f23a17b5695aa1

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

8b4aca7b7caadd8a8da8ea67fe8831e532f1829f66ebf80dd895d284ecc2fa13

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

age: 1725152
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Tue, 26 Nov 2024 11:43:26 GMT
last-modified: Wed, 06 Nov 2024 12:30:55 GMT
x-served-by: cache-chi-kigq8000026-CHI, cache-fra-etou8220112-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=7948800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5287
server: imgix
x-imgix-id: 6f3a237d381709fea3fce4e8c7741a9ee6568546

GET
H2 200 htmx.min.js Show response
intel471.com/cpresources/1f967182/ 49 KB
19 KB 121ms
111ms Script
application/javascript 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intel471.com/cpresources/1f967182/htmx.min.js?v=1732375002

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

491955cd1810747d7d7b9ccb936400afb760e06d25d53e4572b64b6563b2784e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 245033
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZ7iMzlvGz%2BKRJxTFF0JtxlB0ETfWitSrwnXMYsam7v8nB1rtpz4k%2BCrdO8QrZ%2FiGwRqCO4ZXJij0H6osSC23ZQrFiCz%2FsNrks3RSA9zQ7eOfuGWJ%2BHdvY0vQFmkJJXaEwajSuKEa7IBqw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 23 Dec 2024 15:24:15 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=22370&sent=152&recv=75&lost=0&retrans=11&sent_bytes=154458&recv_bytes=2873&delivery_rate=2225442&cwnd=257&unsent_bytes=0&cid=312ae4900dcd20bb&ts=3158&x=0"
date: Tue, 26 Nov 2024 11:43:26 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 23 Nov 2024 15:16:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899ef0288d35e8-FRA
server: cloudflare

GET 34aa3307-b9b8-429e-a4f1-bbd288e494d2
https://intel471.com/ Frame 0
0

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 469 KB
138 KB 125ms
44ms Script
application/javascript 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16BW6xUCfaBzZ22aX/d1f5b864-78ac-4edc-96fe-7044e6fc07b4/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb791d478cb17d5b1349d01b3aef6c8615e07ece92409acd9c7c9b4a15666ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

x-goog-metageneration: 3
access-control-expose-headers: *
x-goog-hash: crc32c=qqD84w==, md5=oEP3bmJlzV/Ly7FSjn5QvA==
cf-cache-status: HIT
etag: W/"a043f76e6265cd5fcbcbb1528e7e50bc"
age: 2926
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Tue, 26 Nov 2024 11:54:41 GMT
x-goog-stored-content-length: 480584
date: Tue, 26 Nov 2024 11:43:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 26 Nov 2024 10:54:40 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC4nM7-7p5dcpD__MbaBYeY7GCh8CcfqtcyC6CFGhhgQpfXwis2OHKi0Jkuv5yKlXlTFKF_mr07Mtg
cache-control: public, max-age=300, must-revalidate
x-goog-storage-class: STANDARD
cf-ray: 8e899ef2de619012-FRA
access-control-allow-origin: *
x-goog-generation: 1732618480682893
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
96 KB 108ms
52ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBP9RXG

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BW6xUCfaBzZ22aX/d1f5b864-78ac-4edc-96fe-7044e6fc07b4/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0723dabde7d3cac1cdd364609425b2fdd32f7cf5361f978bda25b2e71f52f1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 26 Nov 2024 11:43:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 11:43:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97462
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 grain.jpg
intel471.com/dist/img/ 45 KB
46 KB 44ms
42ms Image
image/jpeg 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intel471.com/dist/img/grain.jpg

Requested by

Host: intel471.com
URL: https://intel471.com/dist/assets/app-f2487995.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c048d1cfe7f2ca708b3095131a47123e57e10e8d3bbc13d4180517ebe5e24277

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/dist/assets/app-f2487995.css

Response headers

cf-bgj: h2pri
cf-cache-status: HIT
age: 1044079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MkSNorOgNHXEBg7RRJPrfx5yX%2FwPQnlIU0Kzw2%2Fm4KklgxGi7fM%2BaIPCPzjRLB%2BmeSy%2BFGG6mM7i1wYANIuYS2opTmTgJaadAkaK3taAcop7C0EYz%2Bq9BejIqJf1ZGJxqByzw7LfFz7bkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 21:10:15 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=22631&sent=174&recv=87&lost=0&retrans=11&sent_bytes=175328&recv_bytes=3118&delivery_rate=2225442&cwnd=257&unsent_bytes=0&cid=312ae4900dcd20bb&ts=3639&x=0"
date: Tue, 26 Nov 2024 11:43:27 GMT
content-type: image/jpeg
last-modified: Thu, 03 Oct 2024 22:59:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899ef32b5435e8-FRA
accept-ranges: bytes
content-length: 46311
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 dual-block-stripes.svg
intel471.com/dist/svg/ 2 KB
1 KB 40ms
39ms Image
image/svg+xml 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intel471.com/dist/svg/dual-block-stripes.svg

Requested by

Host: intel471.com
URL: https://intel471.com/dist/assets/app-f2487995.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

728f352c0aee0fc1e04027dd9611d87c6ac612a48b09d678ebe88f921faa49af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/dist/assets/app-f2487995.css

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 1044079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SaYQG1qY%2F6wgkYyO6EgO21%2FKVfWzU4LU7nfZeEwh%2FQEdm6EDlWlp%2Bv3j2Ejs4UZe2xAGdyJCqYLEvygaeVNn7N34q6wmeh7zPz3h4Qx5c4ASMjGr3yA36GqxgPcrAlhEBOw76FEXFsAbEA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 30 Nov 2024 03:49:25 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=22631&sent=171&recv=87&lost=0&retrans=11&sent_bytes=174140&recv_bytes=3118&delivery_rate=2225442&cwnd=257&unsent_bytes=0&cid=312ae4900dcd20bb&ts=3636&x=0"
date: Tue, 26 Nov 2024 11:43:27 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2024 22:59:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899ef32b5935e8-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 footer-stripes.svg
intel471.com/dist/svg/ 784 B
779 B 57ms
56ms Image
image/svg+xml 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intel471.com/dist/svg/footer-stripes.svg

Requested by

Host: intel471.com
URL: https://intel471.com/dist/assets/app-f2487995.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b9223c6d74da740758de73dbec31f4585577d5ae3522fd73e79ddd067f5e0f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/dist/assets/app-f2487995.css

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 1044078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxqR9uI4aHjndOpPs1H8TLIW76CNUECb0GVUhjkPvTrLmF4dEFMA0kPghCeHPtNoQxA7FAtuwR8HzDgcqlm84qRf5Ql1nJDWs%2BNidq2utuXa%2FVJEcLShJotlMVQCOy64exeE4e1hFNzLCw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 21:10:15 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=22631&sent=213&recv=87&lost=0&retrans=11&sent_bytes=222400&recv_bytes=3118&delivery_rate=2225442&cwnd=257&unsent_bytes=0&cid=312ae4900dcd20bb&ts=3654&x=0"
date: Tue, 26 Nov 2024 11:43:27 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2024 22:59:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899ef33b6135e8-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 Segma-Semibold.woff2
intel471.com/dist/fonts/ 33 KB
34 KB 40ms
34ms Font
font/woff2 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intel471.com/dist/fonts/Segma-Semibold.woff2

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee1a4a7c38baf966fbe5e89f8a3887dc8c2b11ac2dae1069eab97ea67771743c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://intel471.com
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

cf-cache-status: HIT
age: 1044079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2Bjjj4%2BfSiORb6yX57e0erK2X%2BXWMzRHnzL3QPbRcFhOUsnwMFDIKHd%2FNNU4T40oDy%2BEScKrLhD0Zs9rQ5%2BmCo3MOcOhtdfwyps5ID7t2bXOg%2F9EepULpS2BwNM9dgx9chLff2AlmRGp6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 22:29:08 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=21492&sent=217&recv=113&lost=0&retrans=11&sent_bytes=223245&recv_bytes=3487&delivery_rate=2289366&cwnd=257&unsent_bytes=0&cid=312ae4900dcd20bb&ts=3696&x=0"
date: Tue, 26 Nov 2024 11:43:27 GMT
content-type: font/woff2
last-modified: Thu, 03 Oct 2024 22:59:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899ef39bb035e8-FRA
accept-ranges: bytes
content-length: 33948
server: cloudflare

GET
H2 200 Segma-Regular.woff2
intel471.com/dist/fonts/ 32 KB
33 KB 42ms
36ms Font
font/woff2 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intel471.com/dist/fonts/Segma-Regular.woff2

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f03ddc269dc0dee8809b567e63713fc47714c4770e3e19e903c3e5c451bdc3ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://intel471.com
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

cf-cache-status: HIT
age: 1044079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ia%2Bldan2T%2FAk%2Fc1ibAYIRvn8WtKtijH7QqqUkkRVahZ%2FTHCEhM9PxqO3EcVLvz4YWIfxsBIwot5KfDwlvqTIeCey1%2FGYpJqhw4xzVksietdUfyLgaZWH8H04vldlDFR2ck4AdQXqSeP6Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 08 Nov 2024 22:48:27 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=21492&sent=273&recv=113&lost=0&retrans=11&sent_bytes=291697&recv_bytes=3487&delivery_rate=2289366&cwnd=257&unsent_bytes=0&cid=312ae4900dcd20bb&ts=3697&x=0"
date: Tue, 26 Nov 2024 11:43:27 GMT
content-type: font/woff2
last-modified: Thu, 03 Oct 2024 22:59:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899ef39bb135e8-FRA
accept-ranges: bytes
content-length: 32724
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 Segma-Medium.woff2
intel471.com/dist/fonts/ 33 KB
33 KB 41ms
35ms Font
font/woff2 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intel471.com/dist/fonts/Segma-Medium.woff2

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a529b24bf96b6b4f1024cf990fc06e18227cbb93a2d4c409d3d143d0b87eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://intel471.com
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

cf-cache-status: HIT
age: 1044079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5i4bd7eqyiE1ZlwjJQghmkwfneDNvJjSHytYpuzp%2FzX0xo2FV4sbeJgTLBWj993IU6ueTGXz8xWuC9sm4fAIukxoOMak3z%2BmxrR%2FixGc3z5GXhh00lQj%2B9r5tGwsW1a3xD4rn4RNK%2BGebA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 21:17:51 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=21492&sent=246&recv=113&lost=0&retrans=11&sent_bytes=257801&recv_bytes=3487&delivery_rate=2289366&cwnd=257&unsent_bytes=0&cid=312ae4900dcd20bb&ts=3697&x=0"
date: Tue, 26 Nov 2024 11:43:27 GMT
content-type: font/woff2
last-modified: Thu, 03 Oct 2024 22:59:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899ef39bb335e8-FRA
accept-ranges: bytes
content-length: 33300
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 Segma-Bold.woff2
intel471.com/dist/fonts/ 33 KB
34 KB 44ms
38ms Font
font/woff2 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intel471.com/dist/fonts/Segma-Bold.woff2

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93c2350abf2328bb9d305fe99eed08a29d6d717c5b356514426ca55771d097df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://intel471.com
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

cf-cache-status: HIT
age: 1044079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2FMDTDd8EjLPwIAEBZasIFR761e6Bxik3438JFaWqfUMffp11LlaRYodx8X4ijXKS8dcIRRJG5nAh%2BkQ77V8p%2B4a3gIJg7M2HgjANxiBmMF5u38V0DGYa%2BkJnuMaSM6xAMGL47lJnJgiIA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 18:09:29 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=21492&sent=327&recv=113&lost=0&retrans=11&sent_bytes=359238&recv_bytes=3487&delivery_rate=2289366&cwnd=257&unsent_bytes=0&cid=312ae4900dcd20bb&ts=3699&x=0"
date: Tue, 26 Nov 2024 11:43:27 GMT
content-type: font/woff2
last-modified: Thu, 03 Oct 2024 22:59:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899ef39bb635e8-FRA
accept-ranges: bytes
content-length: 34136
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 Segma-Black.woff2
intel471.com/dist/fonts/ 33 KB
33 KB 42ms
37ms Font
font/woff2 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intel471.com/dist/fonts/Segma-Black.woff2

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c79362d03128519d02896175dd05d6b57ec79d0335b0f9d8e84e22fc796783be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://intel471.com
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

cf-cache-status: HIT
age: 1044079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fiy8VdjmjRVsFoaCzKQQX856xTzCPVej0cG9j0OfO1qTqaddIp9rq3d3PhCeONSQXk3IfPZGWPrnczKkY4nGJVr7iArW4UTwabkBW9KuZs9lBs9uR0QK5wchfWBvy1gyoQM6NHmHWdYUuA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 07:15:14 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=21492&sent=300&recv=113&lost=0&retrans=11&sent_bytes=325184&recv_bytes=3487&delivery_rate=2289366&cwnd=257&unsent_bytes=0&cid=312ae4900dcd20bb&ts=3698&x=0"
date: Tue, 26 Nov 2024 11:43:27 GMT
content-type: font/woff2
last-modified: Thu, 03 Oct 2024 22:59:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899ef39bb735e8-FRA
accept-ranges: bytes
content-length: 33364
server: cloudflare

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/intel471.com/ 164 B
711 B 412ms
210ms Fetch
application/json 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/intel471.com/config.json?page=%2Fblog%2Fa-look-at-trending-chinese-apt-techniques
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae5f96e16c5c7f9071f43081335e13d19f0fb115328eb0eb8e31ed0af2e5bd94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=NbmI3Q==, md5=UzcUIhjGQW2Muzm3AQRBJw==
cf-cache-status: REVALIDATED
etag: W/"5337142218c6416d8cbb39b701044127"
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Wed, 26 Nov 2025 11:43:28 GMT
x-goog-stored-content-length: 164
date: Tue, 26 Nov 2024 11:43:28 GMT
content-type: application/json
last-modified: Wed, 22 Feb 2023 01:36:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC6JAK1AnxCpM4TkSHCmTX0M0-qPo2eZrNNW3_PXxXdNFIEUINb1KD8b4zrv0hkcVAqLJymNNrer8g
cache-control: public, max-age=300, must-revalidate
x-goog-storage-class: STANDARD
cf-ray: 8e899ef8cdbcd3b0-FRA
access-control-allow-origin: *
x-goog-generation: 1677029792932206
server: cloudflare

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 249ms
39ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BW6xUCfaBzZ22aX/d1f5b864-78ac-4edc-96fe-7044e6fc07b4/osano.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

cache-control: max-age=31560
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Tue, 26 Nov 2024 11:43:28 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 background_2023-06-23-001731_grym.jpeg
intel471.imgix.net/ 1 MB
1 MB 23ms
22ms Image
image/avif 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intel471.imgix.net/background_2023-06-23-001731_grym.jpeg?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=2800&s=8ce11d35567206f0a2cf6eaffdc8f503

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

3686634b8c0a1b8e8e00584fa4c06d27d6e77ed3a9321a42ed92c71d3b213a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

age: 878879
x-content-type-options: nosniff
x-cache: HIT
date: Tue, 26 Nov 2024 11:43:28 GMT
last-modified: Sat, 16 Nov 2024 07:35:29 GMT
x-served-by: cache-fra-etou8220112-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=7948800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1465746
server: imgix
x-imgix-id: 74513ecdf9a97eef74ef1b30bb181d268db30561

GET
H2 200 fig1_2024-11-19-042257_ttne.jpeg
intel471.imgix.net/ 125 KB
125 KB 67ms
67ms Image
image/avif 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intel471.imgix.net/fig1_2024-11-19-042257_ttne.jpeg?auto=compress%2Cformat&fit=clip&fm=webp&q=80&ratio=auto&w=1600&s=f16f73f40915e28704c68c046234b6b0

Requested by

Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

669f8e71b23cd7c4c955734aab250d1075f66804fcbdf9cabc92db9c5973c2fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

age: 29834
x-content-type-options: nosniff
x-cache: HIT
date: Tue, 26 Nov 2024 11:43:28 GMT
last-modified: Tue, 26 Nov 2024 03:26:14 GMT
x-served-by: cache-fra-etou8220112-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=7948800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 127524
server: imgix
x-imgix-id: 06618cd29d604b69bf9bc14135bc3ba2b4722abb

POST
H3 200 collect
www.google.com/ccm/ 0
0 85ms
36ms Ping
text/plain 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fintel471.com%2Fblog%2Fa-look-at-trending-chinese-apt-techniques&scrsrc=www.googletagmanager.com&frm=0&rnd=1075970654.1732621408&npa=1&us_privacy=1---&gtm=45He4bk0v841789118za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732621408145&tfd=4583&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBP9RXG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

GET df1a7058-9a50-4261-bd42-b6f89e41b03f
https://intel471.com/ Frame 0
0

GET 5b46cfaa-406e-4b34-888e-f619ba204de6
https://intel471.com/ Frame 0
0

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame C4C0 0
0 184ms
22ms Document
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fintel471.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBP9RXG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 569618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Nov 2024 21:29:50 GMT
expires: Wed, 19 Nov 2025 21:29:50 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
816 B 415ms
140ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=6496548&time=1732621408285&url=https%3A%2F%2Fintel471.com%2Fblog%2Fa-look-at-trending-chinese-apt-techniques
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 000627cf5b97573d5009ceb7d7d3d740
x-msedge-ref: Ref A: 9912FFBCC67A4336B5386E3826EF9F56 Ref B: DUS30EDGE0814 Ref C: 2024-11-26T11:43:28Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYnz1uXVz1QCc6319PXQA==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 26 Nov 2024 11:43:28 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6496548&time=1732621408285&url=https%3A%2F%2Fintel471.com%2Fblog%2Fa-look-at-trending-chinese-apt-techniques
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6496548&time=1732621408285&url=https%3A%2F%2Fintel471.com%2Fblog%2Fa-look-at-trending-chinese-apt-techniques&e_ipv6=AQIc5XaF7bZu8gAAAZNoSJlreCPLh...

0
267 B

420ms
166ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6496548&time=1732621408285&url=https%3A%2F%2Fintel471.com%2Fblog%2Fa-look-at-trending-chinese-apt-techniques&e_ipv6=AQIc5XaF7bZu8gAAAZNoSJlreCPLhwY7FYJ81ze61lWiiHXQf5jqLlROLvfU2n04RBOXMlUfacwSq2LSdjZzD9h9ybgDfQ
Requested by: Host: intel471.com
URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 36BC712C099E4CFEA8EC949DDBCCD72C Ref B: AMS04EDGE2509 Ref C: 2024-11-26T11:43:28Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYnz1ud/q9DLMu+QnVYdQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Tue, 26 Nov 2024 11:43:28 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6496548&time=1732621408285&url=https%3A%2F%2Fintel471.com%2Fblog%2Fa-look-at-trending-chinese-apt-techniques&e_ipv6=AQIc5XaF7bZu8gAAAZNoSJlreCPLhwY7FYJ81ze61lWiiHXQf5jqLlROLvfU2n04RBOXMlUfacwSq2LSdjZzD9h9ybgDfQ
x-msedge-ref: Ref A: D64BA818573640FF9BD5D08DD3D0E2DF Ref B: DUS30EDGE0708 Ref C: 2024-11-26T11:43:28Z
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid: AAYnz1uXKtg5pyZl21+faQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Tue, 26 Nov 2024 11:43:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 400 KB
130 KB 53ms
50ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LSWVFREYPP&l=dataLayer&cx=c&gtm=45He4bk0v841789118za200

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BW6xUCfaBzZ22aX/d1f5b864-78ac-4edc-96fe-7044e6fc07b4/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d0dede6daa628af6f24ec4abcafdf84a6f0a5647c8ff864695a86281bce9e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 26 Nov 2024 11:43:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 11:43:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132806
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 248 KB
89 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10857834058&l=dataLayer&cx=c&gtm=45He4bk0v841789118za200

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16BW6xUCfaBzZ22aX/d1f5b864-78ac-4edc-96fe-7044e6fc07b4/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

722106c1ce1241d7ecb10644bbdb585a349f665d77ef800763ca403288189900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 26 Nov 2024 11:43:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 11:43:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90867
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
192 B 172ms
169ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E7BDD39CED314E3CA5EA95C283C1614A Ref B: DUS30EDGE0708 Ref C: 2024-11-26T11:43:29Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYnz1ugioa1N0UIh2Gl3w==
x-li-proto: http/2
access-control-allow-origin: https://intel471.com
x-cache: CONFIG_NOCACHE
date: Tue, 26 Nov 2024 11:43:28 GMT
vary: Origin

GET
H2 200 favicon-32x32.png
intel471.com/ 1 KB
2 KB 55ms
54ms Other
image/png 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intel471.com/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

848ba499f970c4460b912c9159139ab07117a8645e4c6bad8a9f587b98493367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques

Response headers

cf-cache-status: HIT
age: 1044078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wncpa8P4M3mq9VYwqORF89v89HdIGu4g85e0JI2SYH6WHFDvquQ9d1lR%2BTB56obVPnApcLsBjECQrwgG10W2CY1eAbZGfybSWUaEz%2BxWIKh3TERTsQRNN%2Bmj%2FdLObfFei1FKDmP6m90NpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 15:46:42 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=20222&sent=356&recv=169&lost=0&retrans=11&sent_bytes=393971&recv_bytes=3557&delivery_rate=7679813&cwnd=337&unsent_bytes=0&cid=312ae4900dcd20bb&ts=5652&x=0"
date: Tue, 26 Nov 2024 11:43:29 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 22:59:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000, stale-while-revalidate=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e899effbd7735e8-FRA
accept-ranges: bytes
content-length: 1459
x-xss-protection: 1; mode=block
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: intel471.com
URL: blob:https://intel471.com/34aa3307-b9b8-429e-a4f1-bbd288e494d2

Domain: intel471.com
URL: blob:https://intel471.com/df1a7058-9a50-4261-bd42-b6f89e41b03f

Domain: intel471.com
URL: blob:https://intel471.com/5b46cfaa-406e-4b34-888e-f619ba204de6

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.linkedin.com/	1970-01-21 10:02:37	Name: bcookie Value: "v=2&83e15fcd-f9b5-4e8b-86cd-be00efb7f5f6"
.linkedin.com/	1970-01-21 05:36:13	Name: li_gc Value: MTswOzE3MzI2MjE0MDg7MjswMjESQsmm3u6YfsSkD5oyXQPaijtMPImpVP+TlaoR4DuNfQ==
.linkedin.com/	1970-01-21 01:18:27	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=3045:u=1:x=1:i=1732621408:t=1732707808:v=2:sig=AQEev1CQwTBPQVJX3rxTIMZ1WNfiz64i"

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://cmp.osano.com/16BW6xUCfaBzZ22aX/d1f5b864-78ac-4edc-96fe-7044e6fc07b4/osano.js(Line 1) Message: [Report Only] Refused to load the script 'https://snap.licdn.com/li.lms-analytics/insight.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: cmp.osano.com www.googletagmanager.com googleads.g.doubleclick.net acsbapp.com js.hsforms.net js.hs-scripts.com ws.zoominfo.com lltrck.com js.hs-banner.com js.hsadspixel.net js.hs-analytics.net js.hscollectedforms.net www.google-analytics.com cdn.plyr.io www.youtube.com craft-intel471.ddev.site:3000 www.google.com www.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBP9RXG(Line 91) Message: [Report Only] Refused to connect to 'https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fintel471.com%2Fblog%2Fa-look-at-trending-chinese-apt-techniques&scrsrc=www.googletagmanager.com&frm=0&rnd=1075970654.1732621408&npa=1&us_privacy=1---&gtm=45He4bk0v841789118za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732621408145&tfd=4583&apve=1' because it violates the following Content Security Policy directive: "connect-src 'self' forms.hsforms.com cdn.plyr.io noembed.com analytics.google.com stats.g.doubleclick.net www.google-analytics.com cdn.cookielaw.org cdn.acsbapp.com api.hubapi.com forms.hscollectedforms.net wss://craft-intel471.ddev.site:3000 ws.zoominfo.com pagead2.googlesyndication.com tattle.api.osano.com px.ads.linkedin.com snap.licdn.com".
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBP9RXG(Line 91) Message: [Report Only] Refused to connect to 'https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fintel471.com%2Fblog%2Fa-look-at-trending-chinese-apt-techniques&scrsrc=www.googletagmanager.com&frm=0&rnd=1075970654.1732621408&npa=1&us_privacy=1---&gtm=45He4bk0v841789118za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732621408145&tfd=4583&apve=1' because it violates the following Content Security Policy directive: "connect-src 'self' forms.hsforms.com cdn.plyr.io noembed.com analytics.google.com stats.g.doubleclick.net www.google-analytics.com cdn.cookielaw.org cdn.acsbapp.com api.hubapi.com forms.hscollectedforms.net wss://craft-intel471.ddev.site:3000 ws.zoominfo.com pagead2.googlesyndication.com tattle.api.osano.com px.ads.linkedin.com snap.licdn.com".
security	error	URL: https://www.googletagmanager.com/ Message: [Report Only] Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "frame-src forms.hsforms.com www.youtube-nocookie.com www.google.com td.doubleclick.net".
security	error	URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques Message: [Report Only] Refused to load the image 'https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6496548&time=1732621408285&url=https%3A%2F%2Fintel471.com%2Fblog%2Fa-look-at-trending-chinese-apt-techniques' because it violates the following Content Security Policy directive: "img-src 'self' d39ec1uo9ktrut.cloudfront.net intel471.imgix.net i.ytimg.com forms.hsforms.com forms-na1.hsforms.com cdn.plyr.io www.google.com lltrck.com track.hubspot.com cdn.cookielaw.org data:".
security	error	URL: https://www.googletagmanager.com/ Message: [Report Only] Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "frame-src forms.hsforms.com www.youtube-nocookie.com www.google.com td.doubleclick.net".
security	error	URL: https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques Message: [Report Only] Refused to load the image 'https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6496548&time=1732621408285&url=https%3A%2F%2Fintel471.com%2Fblog%2Fa-look-at-trending-chinese-apt-techniques&e_ipv6=AQIc5XaF7bZu8gAAAZNoSJlreCPLhwY7FYJ81ze61lWiiHXQf5jqLlROLvfU2n04RBOXMlUfacwSq2LSdjZzD9h9ybgDfQ' because it violates the following Content Security Policy directive: "img-src 'self' d39ec1uo9ktrut.cloudfront.net intel471.imgix.net i.ytimg.com forms.hsforms.com forms-na1.hsforms.com cdn.plyr.io www.google.com lltrck.com track.hubspot.com cdn.cookielaw.org data:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
cdn.acsbapp.com
cmp.osano.com
intel471.com
intel471.imgix.net
js.hs-scripts.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
www.google.com
www.googletagmanager.com
intel471.com
13.107.42.14
2600:9000:223c:bc00:3:b7e:8940:93a1
2606:4700:10::6816:1cc
2606:4700:10::6816:cc
2606:4700:20::681a:f9e
2606:4700::6810:8bd1
2620:1ec:21::14
2a00:1450:4001:806::2008
2a00:1450:4001:828::2004
2a02:26f0:3500:10::210:a9a
2a04:4e42::720
0723dabde7d3cac1cdd364609425b2fdd32f7cf5361f978bda25b2e71f52f1f4
09a9bb304fdf597f058a0d00a748eda7bb6228bce046601498f4b055e5fa4151
0b9223c6d74da740758de73dbec31f4585577d5ae3522fd73e79ddd067f5e0f4
331c740d7f8e9ed0e273c42819cef720d6be4013258649f2536b12f7609b9e0e
3686634b8c0a1b8e8e00584fa4c06d27d6e77ed3a9321a42ed92c71d3b213a2c
3d0dede6daa628af6f24ec4abcafdf84a6f0a5647c8ff864695a86281bce9e44
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
491955cd1810747d7d7b9ccb936400afb760e06d25d53e4572b64b6563b2784e
669f8e71b23cd7c4c955734aab250d1075f66804fcbdf9cabc92db9c5973c2fc
714f7c90ba30ce1e60d2f28c142c3c21bcd4a8deb135e0f1e3c7e5aeb8e8d898
722106c1ce1241d7ecb10644bbdb585a349f665d77ef800763ca403288189900
728f352c0aee0fc1e04027dd9611d87c6ac612a48b09d678ebe88f921faa49af
848ba499f970c4460b912c9159139ab07117a8645e4c6bad8a9f587b98493367
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8b4aca7b7caadd8a8da8ea67fe8831e532f1829f66ebf80dd895d284ecc2fa13
8bb791d478cb17d5b1349d01b3aef6c8615e07ece92409acd9c7c9b4a15666ce
93c2350abf2328bb9d305fe99eed08a29d6d717c5b356514426ca55771d097df
96a529b24bf96b6b4f1024cf990fc06e18227cbb93a2d4c409d3d143d0b87eda
a2a2067e9f4b2766521ddf77cc6e55c751c088ba2c9b43c28818a1598967a7a4
a3d9a6410d58253b5eef0dc22ed5a8318a4dbffd53d119d7d2665997af19615c
ae5f96e16c5c7f9071f43081335e13d19f0fb115328eb0eb8e31ed0af2e5bd94
c048d1cfe7f2ca708b3095131a47123e57e10e8d3bbc13d4180517ebe5e24277
c331fdde0a24c4e9f0d0c33482125c03e66dcad91ca4b83b8ab1a7a0f9a84139
c4b236ad837ee8695de4c855d1737265c3b190bf511ffc8531ddbfcb66f7b5cb
c79362d03128519d02896175dd05d6b57ec79d0335b0f9d8e84e22fc796783be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eb6e2d1268df285fe42265ba3f4f03d03082f72bd86d6854ad136210a13718
ee1a4a7c38baf966fbe5e89f8a3887dc8c2b11ac2dae1069eab97ea67771743c
f03ddc269dc0dee8809b567e63713fc47714c4770e3e19e903c3e5c451bdc3ac
f248799540381cf6d71a028e05e9688b0901cb30a112bd9354ea2ac2f1501698

intel471.com Open in urlscan Pro 2606:4700:20::681a:f9e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

36 Requests

89 %HTTPS

91 %IPv6

9 Domains

11 Subdomains

12 IPs

2 Countries

2467 kBTransfer

3972 kBSize

3 Cookies

43 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

intel471.com Open in urlscan Pro
2606:4700:20::681a:f9e Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

89 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

12
IPs

2
Countries

2467 kB
Transfer

3972 kB
Size

3
Cookies

36 HTTP transactions
0 data transactions