blog.checkpoint.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3cbSVuU
Effective URL:
https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakista...
Submission: On July 15 via manual (July 15th 2022, 9:21:28 pm UTC) from US — Scanned from DE

Summary HTTP 153 Redirects Links 139 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 28 domains to perform 153 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is blog.checkpoint.com.
TLS certificate: Issued by R3 on June 11th 2022. Valid for: 3 months.

This is the only time blog.checkpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
27	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
6	2a02:26f0:350... 2a02:26f0:3500:581::38f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
10	96.16.137.162 96.16.137.162	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:6c0... 2a02:26f0:6c00:294::1c91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	3.127.63.27 3.127.63.27	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	23.205.237.4 23.205.237.4	16625 (AKAMAI-AS) (AKAMAI-AS)
5	23.75.232.42 23.75.232.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	65.9.66.7 65.9.66.7	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
6	52.4.242.10 52.4.242.10	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	192.28.144.84 192.28.144.84	15224 (OMNITURE) (OMNITURE)
22	143.204.89.17 143.204.89.17	() ()
153	32

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

blog.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:581::38f0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 96.16.137.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-162.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:294::1c91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.63.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-63-27.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.237.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-237-4.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.75.232.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-232-42.deploy.static.akamaitechnologies.com

abrtp1-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-7.fra56.r.cloudfront.net

assets.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

750-dqh-528.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.4.242.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-242-10.compute-1.amazonaws.com

trackingapi.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.28.144.84 (United States)

ASN15224 (OMNITURE, US)

abrtp1.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 143.204.89.17 (None, )

ASN- ()

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	checkpoint.com blog.checkpoint.com www.checkpoint.com — Cisco Umbrella Rank: 170536	551 KB
22	driftt.com js.driftt.com	278 KB
11	6sc.co j.6sc.co — Cisco Umbrella Rank: 8071 c.6sc.co — Cisco Umbrella Rank: 12137 ipv6.6sc.co — Cisco Umbrella Rank: 8326 b.6sc.co — Cisco Umbrella Rank: 5264	17 KB
10	marketo.com abrtp1-cdn.marketo.com — Cisco Umbrella Rank: 34072 rtp-static.marketo.com — Cisco Umbrella Rank: 17138 abrtp1.marketo.com — Cisco Umbrella Rank: 42707	124 KB
8	trendemon.com assets.trendemon.com — Cisco Umbrella Rank: 104546 trackingapi.trendemon.com — Cisco Umbrella Rank: 92393	51 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69 region1.google-analytics.com — Cisco Umbrella Rank: 2603	21 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3323 onesignal.com — Cisco Umbrella Rank: 1161 img.onesignal.com — Cisco Umbrella Rank: 6333	103 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 485 www.linkedin.com — Cisco Umbrella Rank: 534 px4.ads.linkedin.com — Cisco Umbrella Rank: 5743	4 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1654 m.addthis.com — Cisco Umbrella Rank: 1555	217 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	315 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	110 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3954	6 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 12262	867 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	148 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 819	70 KB
1	mktoresp.com 750-dqh-528.mktoresp.com — Cisco Umbrella Rank: 679715	318 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 543	354 B
1	t.co t.co — Cisco Umbrella Rank: 441	338 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 683	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	3 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4915	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 17	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 138	444 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 436	703 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1895	726 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 470	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 695	30 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4806	369 B
153	28

	Domain	Requested by
27	blog.checkpoint.com	blog.checkpoint.com
22	js.driftt.com	blog.checkpoint.com js.driftt.com
8	b.6sc.co	blog.checkpoint.com
7	www.google-analytics.com	www.googletagmanager.com blog.checkpoint.com
6	trackingapi.trendemon.com	assets.trendemon.com
6	www.checkpoint.com	blog.checkpoint.com
5	abrtp1.marketo.com	abrtp1-cdn.marketo.com rtp-static.marketo.com
4	rtp-static.marketo.com	abrtp1-cdn.marketo.com
3	onesignal.com	cdn.onesignal.com
3	s7.addthis.com	blog.checkpoint.com s7.addthis.com
2	www.facebook.com
2	px.ads.linkedin.com	2 redirects
2	assets.trendemon.com	blog.checkpoint.com assets.trendemon.com
2	connect.facebook.net	blog.checkpoint.com connect.facebook.net
2	munchkin.marketo.net	blog.checkpoint.com munchkin.marketo.net
2	epsilon.6sense.com	j.6sc.co
2	www.googletagmanager.com	blog.checkpoint.com www.googletagmanager.com
2	cdn.onesignal.com	blog.checkpoint.com cdn.onesignal.com
2	maxcdn.bootstrapcdn.com	blog.checkpoint.com maxcdn.bootstrapcdn.com
1	750-dqh-528.mktoresp.com	munchkin.marketo.net
1	analytics.twitter.com
1	t.co
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	abrtp1-cdn.marketo.com	blog.checkpoint.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	img.onesignal.com	blog.checkpoint.com
1	www.google.de	blog.checkpoint.com
1	www.google.com	blog.checkpoint.com
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	j.6sc.co	blog.checkpoint.com
1	code.jquery.com	blog.checkpoint.com
1	bit.ly	1 redirects
153	41

This site contains links to these domains. Also see Links.

Domain
www.checkpoint.com
supportcenter.checkpoint.com
usercenter.checkpoint.com
www.checkpoint.com.cn
help.checkpoint.com
training-certifications.checkpoint.com
cyberpark.checkpoint.com
partnerlocator.checkpoint.com
www.youtube.com
resources.checkpoint.com
catalog.checkpoint.com
research.checkpoint.com
www.cybertalk.org
community.checkpoint.com
pages.checkpoint.com
developer.checkpoint.com
www.facebook.com
twitter.com
www.linkedin.com
www.addthis.com

Subject Issuer	Validity	Valid
blog.checkpoint.com R3	`2022-06-11` - `2022-09-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.checkpoint.com DigiCert SHA2 Secure Server CA	`2022-01-06` - `2023-01-06`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.6sense.com Amazon	`2022-05-31` - `2023-06-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-23` - `2022-07-22`	3 months	crt.sh
*.trendemon.com SSL.com RSA SSL subCA	`2022-07-12` - `2023-06-26`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
Frame ID: 13890F30FCC805A1E1626F26B8CD7A31
Requests: 104 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 8490CD2800954409473A0F6405B665DA
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 3C3A9CBA14FAB7DD8F528F41E3D4A9AB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C46680C153F4ED739FFDAB10A7A096F1
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: 60E9FCC5270500D2DE6D8C586677B6D4
Requests: 23 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657920080937
Frame ID: 307C49EC60CADD4CCC02EB19C0247B9F
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A Hit is made: Suspected India-based Sidewinder APT successfully cyber attacks Pakistan military focused targets - Check Point Software FacebookTwitterLinkedInRedditEmailFacebookTwitterLinkedInRedditEmail

Page URL History Show full URLs

https://bit.ly/3cbSVuU HTTP 301
https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-c... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

particles.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

/particles(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

153
Requests

82 %
HTTPS

45 %
IPv6

28
Domains

41
Subdomains

32
IPs

4
Countries

1750 kB
Transfer

4967 kB
Size

40
Cookies

139 Outgoing links

These are links going to different origins than the main page.

URL: https://www.checkpoint.com/latest-cyber-attacks/ransomware-pandemic/
Title: Learn more on how to stay protected from the latest Ransomware Pandemic

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/demos/
Title: Free Demo!

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/about-us/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://supportcenter.checkpoint.com/
Title: Support Center

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/index.jsp
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/threatcloud-incident-response/

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/
Title: English (English)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/es/
Title: Spanish (Español)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/fr/
Title: French (Français)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/de/
Title: German (Deutsch)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/it/
Title: Italian (Italiano)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/pt/
Title: Portuguese (Português)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/ru/
Title: Russian (Русский)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/jp/
Title: Japanese (日本語)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com.cn/
Title: Chinese (中文)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cz/
Title: Czech (čeština)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/id/
Title: Indonesian (Bahasa Indonesia)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/kr/
Title: Korean (한국어)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/nl/
Title: Dutch (Nederlands)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/pl/
Title: Polish (Polszczyzna)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/tr/
Title: Turkish (Türkçe)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/tw/
Title: Taiwan (繁體中文)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/vi/
Title: Vietnamese (Tiếng Việt)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/
Title: Quantum

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/maestro-hyperscale-network-security/
Title: Quantum Maestro

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/next-generation-firewall/lightspeed/
Title: Quantum Lightspeed

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/next-generation-firewall/
Title: Quantum Security Gateway

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/next-generation-firewall/small-business-security/
Title: Quantum Spark

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/edge-branch-virtual-security-gateway/
Title: Quantum Edge

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/iot-protect/
Title: Quantum IoT Protect

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/remote-access-vpn/
Title: Quantum VPN

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/unified-cyber-security-platform/smart-1-appliances/
Title: Quantum Smart-1

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/unified-cyber-security-platform/smart-1-cloud/
Title: Quantum Smart-1 Cloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/
Title: CloudGuard

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-network-security/
Title: CloudGuard Network

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-security-posture-management/
Title: CloudGuard Posture Management

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/workload-protection/
Title: CloudGuard Workload

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/appsec/
Title: CloudGuard AppSec

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-intelligence-threat-hunting/
Title: CloudGuard Intelligence

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/
Title: Harmony

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/advanced-endpoint-protection/
Title: Harmony Endpoint

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/connect-sase/
Title: Harmony Connect (SASE)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/browse/
Title: Harmony Browse

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/email-security/email-office/
Title: Harmony Email & Collaboration

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/mobile-security/mobile/
Title: Harmony Mobile

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity-vision/
Title: Infinity-Vision

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity-vision/infinity-portal/
Title: Infinity Portal

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity-vision/infinity-soc/
Title: Infinity SOC

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/unified-cyber-security-platform/
Title: Infinity Unified Management

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity-vision/threatcloud/
Title: ThreatCloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/mdr-services/
Title: Infinity MDR

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/
Title: View All Products A-Z >

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity-vision/enterprise-license-agreement/?utm_source=cp-home&utm_medium=cp-website&utm_campaign=infinity_ela_menu_banner&utm_content=megamenu
Title: DISCOVER

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-security-solutions/
Title: Cloud Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/serverless-security/
Title: Serverless Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/container-security/
Title: Container Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-network-security/public-cloud-compliance-governance/
Title: Cloud Compliance & Governance

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/devsecops/
Title: DevOps Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/cloud-network-security/iaas-private-cloud-security/
Title: Private Cloud Network Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/amazon-aws-security/
Title: AWS Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/microsoft-azure-security/
Title: Azure Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cloudguard/google-cloud-platform-security/
Title: Google Cloud Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/quantum/network-security-solutions/
Title: Network Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/data-center-security/
Title: Hybrid Data Center

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/sd-wan-security/
Title: SD-WAN Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/zero-trust-security/
Title: Zero Trust Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/iot-security/
Title: IoT Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/endpoint-security/
Title: Endpoint Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/mobile-security/
Title: Mobile Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/anti-ransomware/
Title: Anti-Ransomware

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/anti-phishing/
Title: Anti-Phishing

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/security-operations/
Title: Security Operations

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity-vision/zero-day-protection/
Title: Zero-Day Protection

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/
Title: Industry

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/retail/
Title: Retail

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/financial-services/
Title: Financial Services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/government-federal-security/
Title: Government

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/healthcare/
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/industrial-control-systems/
Title: Industrial Control Systems ICS & SCADA

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/service-provider/
Title: Telco / Service Provider

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/industry/education/
Title: Education

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/enterprise-network-security/
Title: Large Enterprise

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/small-medium-business/
Title: Small & Medium Business

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/consumer-small-business/
Title: Consumer & Small Business

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/
Title: Solutions Overview >

Search URL Search Domain Scan URL

URL: https://help.checkpoint.com/s/
Title: Create/View Service Request

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/contact-support/
Title: Contact Support

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/pro/
Title: Check Point Pro

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/support-plans/
Title: Support Programs

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/support-life-cycle-policy/
Title: Life Cycle Policy

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/software-license-agreement-limited-hardware-warranty/
Title: License Agreement & Warranty

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/rma-return-process/
Title: RMA Policy

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/mind/
Title: Mind

Search URL Search Domain Scan URL

URL: https://training-certifications.checkpoint.com/#/
Title: Training & Certification

Search URL Search Domain Scan URL

URL: https://cyberpark.checkpoint.com/
Title: Cyber Park

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/secureacademy/
Title: Secure Academy

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/mind/smartawareness/
Title: SmartAwareness

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/elearning/
Title: eLearning

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/clc/
Title: Redeem CLC Credits

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/professional-services/
Title: Professional Services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/professional-services/account-management/
Title: Account Management

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/lifecycle-management/
Title: Lifecycle Management Services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/security-consulting/
Title: Security Consulting

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/threatcloud-managed-security-service/
Title: ThreatCloud Managed Security Service

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/training/hackingpoint/
Title: View Courses

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/partners/channel/
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://partnerlocator.checkpoint.com/#/
Title: Find a Partner

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/technology-partners/
Title: Technology Partners

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/technology-partners/featured/
Title: Featured Technology Partners

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=gr2f2LqjUAE
Title: Watch Video

Search URL Search Domain Scan URL

URL: https://resources.checkpoint.com/
Title: Content Resource Center

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/trials/
Title: Product Trials

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/customer-stories/
Title: Customer Stories

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/events/
Title: Events

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/webinars/
Title: Webinars

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/videos/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cyber-hub/
Title: Cyber Hub

Search URL Search Domain Scan URL

URL: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doShowprelanding&all
Title: Downloads & Documentation

Search URL Search Domain Scan URL

URL: https://catalog.checkpoint.com/
Title: Product Catalog

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/portal/media-type/html/role/usercenterUser/page/default.psml/js_pane/PricingToolsId,supportQuoteToolId
Title: Renewal Pricing Tool

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/
Title: Check Point Research

Search URL Search Domain Scan URL

URL: https://www.cybertalk.org/
Title: Cyber Talk for Executives

Search URL Search Domain Scan URL

URL: https://community.checkpoint.com/
Title: CheckMates Community

Search URL Search Domain Scan URL

URL: https://community.checkpoint.com/t5/General-Topics/CPX-360-2022/m-p/138585#M24678?utm_source=cp-home&utm_medium=cp-website&utm_campaign=cm_wr_21q4_ww_cpx_360_2022&utm_content=megamenu
Title: LEARN MORE

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2022/state-sponsored-attack-groups-capitalise-on-russia-ukraine-war-for-cyber-espionage/
Title: published

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/zero-trust-network-access-ztna-buyers-guide.html

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/gartner-magic-quadrant-for-network-firewall-2021.html

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/gartner-zero-trust-network-access-2022.html

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/ultimate-iot-security-guide.html

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/cyber-security-report-2021.html?utm_source=cp-home&utm_medium=cp-website&utm_campaign=pm_wr_21q1_ww_security_report

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/security-admins-guide-to-secure-remote-workforce/

Search URL Search Domain Scan URL

URL: https://developer.checkpoint.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/checkpointsoftware

Search URL Search Domain Scan URL

URL: https://twitter.com/checkpointsw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/check-point-software-technologies

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CPGlobal

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/copyright/
Title: Copyright

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3cbSVuU HTTP 301
https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1657920082524&url=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D51830%26time%3D1657920082524%26url%3Dhttps%253A%252F%252Fblog.checkpoint.com%252F2022%252F07%252F13%252Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1657920082524&url=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1657920082524&url=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&liSync=true&e_ipv6=AQKejWGhgDlyLAAAAYIDvNSVqvx5FvtyT4wnLoKuYNhpO8fFCKNTMrNj7j90UOFntr-9eJrK

153 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
Redirect Chain

https://bit.ly/3cbSVuU
https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

89 KB
16 KB

321ms
210ms

Document
text/html

141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

1cd77fa33ec62313d7136ad461e03d4330780534bd66c00ac56b5e8111e456e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 72b58c18aa056913-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 15 Jul 2022 21:21:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://blog.checkpoint.com/?p=243076>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 12
x-cache-group: normal
x-cacheable: SHORT
x-frame-options: SAMEORIGIN
x-powered-by: WP Engine

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 238
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Fri, 15 Jul 2022 21:21:20 GMT
location: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 style.min.css
blog.checkpoint.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 102ms
99ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Jun 2022 19:38:15 GMT
server: cloudflare
age: 2078618
etag: W/"62b21e27-15b26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1a0c2b6913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
6 KB 239ms
46ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css?ver=3.3.7

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.checkpoint.com/
Origin: https://blog.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 1949994
cdn-cachedat: 2021-08-02 19:09:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 51c1016b7601ea8ee90345c43ec6ad12
cf-ray: 72b58c1b3acfbbe5-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.3.min.css
blog.checkpoint.com/wp-content/themes/frontend/css/ 118 KB
20 KB 103ms
100ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/css/bootstrap.3.min.css?ver=3.3.7

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 12184293
etag: W/"5c990bee-1d942"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1a0c2e6913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cp-header.css
blog.checkpoint.com/wp-content/themes/frontend/css/ 288 KB
38 KB 63ms
61ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/css/cp-header.css?ver=1.28

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbfee792bf942ccdf2773f1da1cbfbc03c553f29404dbd8b9da60beee9287081

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Jun 2022 23:25:39 GMT
server: cloudflare
age: 2753996
etag: W/"62a7c773-47f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1a0c2f6913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
blog.checkpoint.com/wp-content/themes/frontend/ 21 KB
5 KB 62ms
59ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/style.css?ver=1.30

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ebc05ee3718b937da1a6906973dfc1cd668b3326dc5be9cadee4e1519b6a16d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 17:26:17 GMT
server: cloudflare
age: 8135186
etag: W/"6255b639-53e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1a0c316913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 flickity.min.css
blog.checkpoint.com/wp-content/themes/frontend/css/ 2 KB
677 B 101ms
99ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/css/flickity.min.css?ver=1.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8da941d8a446516c824ebc9fb77b42e6b92c6deed1daed266bd821ed27bc516

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 766319
etag: W/"5c990bee-71d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1a0c336913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 255ms
63ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js?ver=6.0
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1657920081.dop147.fr8.t,1657920081.cds006.fr8.hn,1657920081.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 scripts.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/ 430 B
313 B 66ms
64ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/js/scripts.js?ver=1.0.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d245d96784beee8a8652270aaa63264158ef3a6aae0c4f76d051ee14c4de7d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 3191482
etag: W/"5c990bee-1ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1a0c356913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.3.min.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/lib/ 39 KB
11 KB 99ms
97ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/js/lib/bootstrap.3.min.js?ver=6.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Jul 2019 21:05:48 GMT
server: cloudflare
age: 2078618
etag: W/"5d26532c-9b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1a0c396913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.matchHeight.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/lib/ 12 KB
3 KB 64ms
63ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/js/lib/jquery.matchHeight.js?ver=6.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d6ba13b690dee4af8ac51913d50f8509c65be9516aa24e2f761b3a1aa96dbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 2078618
etag: W/"5c990bee-2e02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1a0c3b6913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 flickity.pkgd.min.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/lib/ 54 KB
14 KB 66ms
65ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/js/lib/flickity.pkgd.min.js?ver=1.0.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe2df9f6df4b4a8d7174d259f563b8d9e28e4c03f8f4092fd9db6044e0e64c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 258078
etag: W/"5c990bee-d7c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1a0c3c6913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 single-post.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/ 485 B
343 B 65ms
63ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/js/single-post.js?ver=1.0.4

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eabdbc55715edcfef23aef35a30d6dc56f207e057c5b81b821f858121bb4a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 31 May 2019 14:33:11 GMT
server: cloudflare
age: 13846446
etag: W/"5cf13b27-1e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1a0c3d6913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK under-attack.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 3 KB
4 KB 142ms
37ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/under-attack.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

7003b61166e5a477a9b5880cafe0a0420fef0af9e35562f81488c3b4c76cb156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:21 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "c0c-5dca5addaf5bc"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 3084

GET
H/1.1 200
OK search-btn.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
2 KB 142ms
37ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/search-btn.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

a7d7aa09becb2494f61a590c32dd433a7b0daf2bddf29c5f622ac84a4c197007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:21 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "729-5dca5addaea04"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1833

GET
H/1.1 200
OK checkpoint-logo.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 6 KB
7 KB 144ms
39ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/checkpoint-logo.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

bab4d95c3b1a677e3bc5c976e207d9a7189a14db8944c126474373f4cb9d91bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:21 GMT
Last-Modified: Tue, 18 Jan 2022 19:48:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "17d7-5d5e08e0a8d00"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 6103

GET
H3 200 indian-pakistan.jpg
blog.checkpoint.com/wp-content/uploads/2022/07/ 45 KB
46 KB 170ms
168ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2022/07/indian-pakistan.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

562ccd4190cd291ad8527ce8a135846be7245466461a0d703e3ff55bf0bd18cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 207652
cf-polished: origSize=46430, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46422
last-modified: Mon, 11 Jul 2022 05:20:39 GMT
server: cloudflare
etag: "62cbb327-b55e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1bfd699018-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 default-blog.jpg
blog.checkpoint.com/wp-content/themes/frontend/img/ 44 KB
45 KB 157ms
155ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/img/default-blog.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4222775ec34cb0566a2fbbf9130ab54ca54b9b23abd97a53786cb11682f92cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
cf-cache-status: HIT
age: 497222
cf-polished: origFmt=jpeg, origSize=120169
content-disposition: inline; filename="default-blog.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45350
last-modified: Fri, 29 Apr 2022 19:23:58 GMT
server: cloudflare
etag: "626c3b4e-1d569"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1bfd6e9018-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 lightspeed-blog-ad-260x260-1.jpg
blog.checkpoint.com/wp-content/uploads/2022/01/ 23 KB
24 KB 133ms
131ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2022/01/lightspeed-blog-ad-260x260-1.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a39743529eecf4fcd6bbac664fbdf469269eb0117dfa0461cfec8a22fad5dbc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
cf-cache-status: HIT
age: 497222
cf-polished: origFmt=jpeg, origSize=33215
content-disposition: inline; filename="lightspeed-blog-ad-260x260-1.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23724
last-modified: Thu, 20 Jan 2022 22:40:57 GMT
server: cloudflare
etag: "61e9e4f9-81bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1bfd6f9018-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 ztna-buyers-guide-blog.png
blog.checkpoint.com/wp-content/uploads/2022/07/ 19 KB
20 KB 82ms
80ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2022/07/ztna-buyers-guide-blog.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a5f44134f5fa51ca878a0b4f0a5421de6a82125b2bec68ed44722fe9b849da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
cf-cache-status: HIT
age: 231955
cf-polished: origFmt=png, origSize=20823
content-disposition: inline; filename="ztna-buyers-guide-blog.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19678
last-modified: Fri, 01 Jul 2022 21:14:27 GMT
server: cloudflare
etag: "62bf63b3-5157"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1bfd729018-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 blog_side_banner_gartner_thumb_260-1.jpg
blog.checkpoint.com/wp-content/uploads/2021/11/ 19 KB
19 KB 58ms
56ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2021/11/blog_side_banner_gartner_thumb_260-1.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

026a19e94cb1a1cf50f74c68251a8c12f0685450cb58b85083a457ef165f7525

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 497222
cf-polished: origSize=20027, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18945
last-modified: Mon, 22 Nov 2021 20:07:09 GMT
server: cloudflare
etag: "619bf86d-4e3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1bfd769018-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 gartner-ztna-blog-260x260px.jpg
blog.checkpoint.com/wp-content/uploads/2022/04/ 33 KB
33 KB 193ms
191ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2022/04/gartner-ztna-blog-260x260px.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

69c596d99119006e064249ae3e50a992142d43c43ff8a50c9fc9d6caec1951cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
cf-cache-status: HIT
age: 502730
cf-polished: origFmt=jpeg, origSize=34678
content-disposition: inline; filename="gartner-ztna-blog-260x260px.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33422
last-modified: Wed, 27 Apr 2022 07:45:20 GMT
server: cloudflare
etag: "6268f490-8776"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1bfd779018-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 idc-iot-buyers-guide-300x200px.jpg
blog.checkpoint.com/wp-content/uploads/2021/04/ 30 KB
30 KB 203ms
201ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2021/04/idc-iot-buyers-guide-300x200px.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2580e1986fce375c6ed96ac5eb8974cab06d2848b997560bb3c7f9dd5581c53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
cf-cache-status: HIT
age: 497222
cf-polished: origFmt=jpeg, origSize=39130
content-disposition: inline; filename="idc-iot-buyers-guide-300x200px.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30498
last-modified: Fri, 30 Apr 2021 20:27:30 GMT
server: cloudflare
etag: "608c6832-98da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1bfd799018-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 security-report-2021-promo.jpg
blog.checkpoint.com/wp-content/uploads/2021/03/ 29 KB
29 KB 208ms
206ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2021/03/security-report-2021-promo.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3111006bd360d7e022385e73923dbec02fcf791700ee201958e711a4d304623

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
cf-cache-status: HIT
age: 502730
cf-polished: origFmt=jpeg, origSize=46840
content-disposition: inline; filename="security-report-2021-promo.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29662
last-modified: Tue, 23 Mar 2021 21:45:02 GMT
server: cloudflare
etag: "605a615e-b6f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1bfd7b9018-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 wfh-blog-2.jpg
blog.checkpoint.com/wp-content/uploads/2020/09/ 34 KB
34 KB 229ms
228ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2020/09/wfh-blog-2.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8aaffdb6fd495c82977176b9267b8ff2c4fc68dafaa39cf9497d6ed3a5fd5c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
cf-cache-status: HIT
age: 497222
cf-polished: origFmt=jpeg, origSize=44884
content-disposition: inline; filename="wfh-blog-2.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34468
last-modified: Wed, 09 Sep 2020 19:48:58 GMT
server: cloudflare
etag: "5f5931aa-af54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1bfd7e9018-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 automate-security-260x260-1.jpg
blog.checkpoint.com/wp-content/uploads/2020/11/ 28 KB
28 KB 155ms
154ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2020/11/automate-security-260x260-1.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d980fa0fe8e5717bce42de7da9b8e88fff442f9d1a7ce591c2a4ab0507b8575

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 497222
cf-polished: origSize=28403, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28395
last-modified: Mon, 16 Nov 2020 18:15:57 GMT
server: cloudflare
etag: "5fb2c1dd-6ef3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1bfd7f9018-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 footer.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/ 9 KB
2 KB 65ms
64ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/js/footer.js?ver=1.4

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

25c233630850690d2004083919b0abbf1bf977301548ab3268d80646fac235aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 17:37:44 GMT
server: cloudflare
age: 231955
etag: W/"61f03568-229f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1b7ccd9018-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 particles.min.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/lib/ 23 KB
6 KB 62ms
62ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/js/lib/particles.min.js?ver=6.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 2054819
etag: W/"5c990bee-5b44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1bdd3f9018-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 app.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/lib/ 2 KB
909 B 193ms
193ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/js/lib/app.js?ver=6.0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b05f12d91c9f8b7c3bec26e49d7889b53885ed1b08e317e626490cba2c2967

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 1932283
etag: W/"5c990bee-7d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 72b58c1bed629018-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 128ms
49ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72b58c1c6f1e9a2f-FRA
date: Fri, 15 Jul 2022 21:21:21 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3282
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Jul 2022 21:21:21 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 184ms
39ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 15 Jul 2022 21:21:21 GMT
x-host: s7.addthis.com
content-length: 116378

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
79 KB 141ms
57ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2174918b393aac08f576e1a26c26d438a894360f496fa0b94ad0c9c55403057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80331
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jul 2022 21:21:21 GMT

GET
H/1.1 200
OK bullet-prod.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 1 KB
2 KB 137ms
38ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/bullet-prod.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/wp-content/themes/frontend/css/cp-header.css?ver=1.28

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

b9d991f032b0f626a8b215af39aaae7ad4e1e262c9fad049b6f12a4fe7afb9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:21 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "403-5dca5addabf0c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1027

GET
H/1.1 200
OK search.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
2 KB 136ms
37ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/search.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/wp-content/themes/frontend/css/cp-header.css?ver=1.28

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

fb8acb6ca1149529e5e25600bfaaa2aa77a353369dd5c8f63869f63a42279db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:21 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "67a-5dca5addaea04"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1658

GET
H/1.1 200
OK intl.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
3 KB 136ms
38ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/intl.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/wp-content/themes/frontend/css/cp-header.css?ver=1.28

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

76911468519fda64950773694e032587649fe089cf454e1f4afa005cd191772c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:21 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "84e-5dca5addae61c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 2126

GET
H3 200 34CA47_6_0.woff2
blog.checkpoint.com/wp-content/themes/frontend/fonts/ 58 KB
58 KB 112ms
112ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/fonts/34CA47_6_0.woff2

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/wp-content/themes/frontend/style.css?ver=1.30

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc686423c26cb1030032fd7e4f2dd664c4b08517a8990c0b46269dd4e01910b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.checkpoint.com/wp-content/themes/frontend/style.css?ver=1.30
Origin: https://blog.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1943697
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59536
last-modified: Mon, 10 Jun 2019 21:56:55 GMT
server: cloudflare
etag: "5cfed227-e890"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1bfd829018-FRA

GET
H3 200 blog-post-bg.jpg
blog.checkpoint.com/wp-content/themes/frontend/img/ 8 KB
8 KB 208ms
208ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/themes/frontend/img/blog-post-bg.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/wp-content/themes/frontend/style.css?ver=1.30

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3a1f8b3ab8e4c86ad3f060fcf503c31e8020a2280e7647e0f763fef62632224

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/wp-content/themes/frontend/style.css?ver=1.30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
cf-cache-status: HIT
age: 497222
cf-polished: origFmt=jpeg, origSize=33743
content-disposition: inline; filename="blog-post-bg.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8008
last-modified: Tue, 12 Apr 2022 01:20:33 GMT
server: cloudflare
etag: "6254d3e1-83cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1c1da99018-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 64 KB
65 KB 89ms
48ms Font
font/woff 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css?ver=3.3.7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css?ver=3.3.7
Origin: https://blog.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617
age: 14816227
cdn-proxyver: 1.0
cdn-cachedat: 10/15/2021 15:17:09
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65452
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "d95d6f5d5ab7cfefd09651800b69bd54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0108f5c8ccc08d2374d4ebb45c8a6e0a
cdn-requestcountrycode: US
accept-ranges: bytes
cf-ray: 72b58c1c5f7692ba-FRA
cdn-cache: HIT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 harmony-connect-blog.png
blog.checkpoint.com/wp-content/uploads/2022/07/ 28 KB
28 KB 158ms
158ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.checkpoint.com/wp-content/uploads/2022/07/harmony-connect-blog.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

69230d373df68804c4f0e88312fe400b97ca879bd9bd5ab8b785c3a56c108f6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
cf-cache-status: HIT
age: 119192
cf-polished: origFmt=png, origSize=30340
content-disposition: inline; filename="harmony-connect-blog.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28408
last-modified: Thu, 14 Jul 2022 11:31:27 GMT
server: cloudflare
etag: "62cffe8f-7684"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72b58c1c6e0a9018-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 95ms
54ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72b58c1d8cc4bb91-FRA
date: Fri, 15 Jul 2022 21:21:21 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3310
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Jul 2022 21:21:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
69 KB 134ms
57ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d3adffb59fef7c0687aac31a7ec8f9b3aa6daa83e2622e2559a489da6ceb555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71093
x-xss-protection: 0
expires: Fri, 15 Jul 2022 21:21:21 GMT

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 128ms
37ms Script
application/javascript 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 9715
Pragma: no-cache
Last-Modified: Thu, 05 May 2022 03:45:17 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6273484d-7b02"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Fri, 15 Jul 2022 21:21:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
37ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 924
date: Fri, 15 Jul 2022 21:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 15 Jul 2022 23:05:57 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 132ms
37ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=21397
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5e31d98cbedf7ed2/ 2 KB
726 B 315ms
307ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5e31d98cbedf7ed2/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 30581cee80fdc00a20dde03fe67c68d41453254863b15e9aefa09314eb342d2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
content-encoding: gzip
etag: 337578481--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=56, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 550

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 318ms
295ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=62d1da51e910f539&bkl=0&bl=1&pdt=664&sid=62d1da51e910f539&pub=ra-5e31d98cbedf7ed2&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=blog.checkpoint.com&fp=2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1657920081595&jsl=1&uvs=62d1da51c0b3bd1e000&skipb=1&callback=addthis.cbs.jsonp__032323758580806270
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 28b5267fa6522c1734edd61020a3f0a24a8cc9a91d4d58799c450e36b3f24855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:21:21 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 8490 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 3C3A 71 KB
26 KB 68ms
68ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Fri, 15 Jul 2022 21:21:21 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
703 B 133ms
41ms XHR
application/json 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jul 2022 21:21:21 GMT
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c03bda10-c291-4579-a456-fa44a3517180
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blog.checkpoint.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
375 B 124ms
37ms XHR
text/plain 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-137-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3eace2186259faa82a70f1f0626326432f33b2c201312874ba53688766fb5a62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:21 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://blog.checkpoint.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
257 B 133ms
38ms XHR
text/html 2a02:26f0:6c00:294::1c91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bfd3189d965573e36997f170667b1ceef5cfd0471b6f5be228ca6ac7bcb97c23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:21:21 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://blog.checkpoint.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:92::12
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 20
expires: Fri, 15 Jul 2022 21:21:21 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 142ms
47ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-194688-3&cid=1111219255.1657920082&jid=1284292628&gjid=2063233374&_gid=1439174808.1657920082&_u=YGBAgEABAAAAAE~&z=312348490

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.checkpoint.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 15 Jul 2022 21:21:21 GMT
content-type: text/plain
access-control-allow-origin: https://blog.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 113ms
37ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=433447452&t=pageview&_s=1&dl=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&ul=en-us&de=UTF-8&dt=A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1284292628&gjid=2063233374&cid=1111219255.1657920082&tid=UA-194688-3&_gid=1439174808.1657920082&gtm=2wg7d05JCRGP&z=1087489119

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 11:03:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37073
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/8fda8b9d-6ba7-4357-8125-c6df304f7ef8/ 3 KB
2 KB 87ms
87ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/8fda8b9d-6ba7-4357-8125-c6df304f7ef8/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e9fc492002b12463033e6cf0e0fd06d8bf92b86fbf4d7355406a424a672208f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 22
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: efa48bc4-c97d-4725-95df-49cd7dfe1f3d
x-runtime: 0.021168
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9e9fc492002b12463033e6cf0e0fd06d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 72b58c1e7a399a2f-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 15 Jul 2022 22:21:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
340 B 129ms
45ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-48VXKGDGCV&gtm=2oe7d0&_p=433447452&_z=ccd.v9B&cid=1111219255.1657920082&ul=en-us&sr=1600x1200&_s=1&sid=1657920081&sct=1&seg=0&dl=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&dt=A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:21:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 1 KB
867 B 126ms
46ms XHR
application/json 3.127.63.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.63.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-63-27.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7b9c9bef26e7982b7f751a9b5f66db6e6fe8cc25640a19fcc27a91bd58c21dd4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://blog.checkpoint.com/
accept-language: de-DE,de;q=0.9
Authorization: Token 08e578d30e2119adb1ab60b02b8f1dd15c6b908d
EpsilonCookie: cbd5ce17de85000051dad1625b0200009c915700

Response headers

date: Fri, 15 Jul 2022 21:21:22 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://blog.checkpoint.com
access-control-allow-credentials: true
content-length: 680

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 155ms
40ms Preflight 3.127.63.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.63.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-63-27.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,epsiloncookie
Access-Control-Request-Method: GET
Origin: https://blog.checkpoint.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,epsiloncookie
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://blog.checkpoint.com
access-control-max-age: 1800
date: Fri, 15 Jul 2022 21:21:21 GMT
server: nginx

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 52ms
51ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72b58c1f2f78bb91-FRA
date: Fri, 15 Jul 2022 21:21:21 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 2483
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 14 Aug 2022 21:21:21 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 307ms
223ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=cbd5ce17de85000051dad1625b0200009c915700&session=26442692-fa7f-47d0-8fb5-2c8de5e8d4aa&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A21%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Check%20Point%20Research%20(CPR)%20reported%20evidence%20suggesting%20that%20Pakistan%20Air%20Force%E2%80%99s%20Headquarters%20was%20a%20victim%20of%20a%20successful%20attack%20conducted%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&pageViewId=ae14f92c-c6a6-462d-87ac-d3664bef8a12&an_uid=0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:22 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 310ms
225ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=cbd5ce17de85000051dad1625b0200009c915700&session=26442692-fa7f-47d0-8fb5-2c8de5e8d4aa&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A12%22%7D&isIframe=false&m=%7B%22description%22%3A%22Check%20Point%20Research%20(CPR)%20reported%20evidence%20suggesting%20that%20Pakistan%20Air%20Force%E2%80%99s%20Headquarters%20was%20a%20victim%20of%20a%20successful%20attack%20conducted%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&pageViewId=ae14f92c-c6a6-462d-87ac-d3664bef8a12&an_uid=0

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:22 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 146ms
62ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-194688-3&cid=1111219255.1657920082&jid=1284292628&_u=YGBAgEABAAAAAE~&z=867977760

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:21:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 133ms
49ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-194688-3&cid=1111219255.1657920082&jid=1284292628&_u=YGBAgEABAAAAAE~&z=867977760

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:21:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/8fda8b9d-6ba7-4357-8125-c6df304f7ef8/ 184 B
639 B 114ms
72ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/8fda8b9d-6ba7-4357-8125-c6df304f7ef8/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876d97f7c44b69a70ef0d0ef12e0f1206d3e61366ada2d59e0d3c810c616c872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:21 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 9
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 458fee20-343b-432b-9d27-cc88bb1ee9b6
x-runtime: 0.007501
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"876d97f7c44b69a70ef0d0ef12e0f120"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 72b58c1fca07691f-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 64ms
64ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 15 Jul 2022 21:21:21 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 44f2f794-9e04-404d-a8ae-4d233d4bb07b
img.onesignal.com/permanent/ 20 KB
20 KB 456ms
446ms Image
image/png 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onesignal.com/permanent/44f2f794-9e04-404d-a8ae-4d233d4bb07b
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e777c757a34f77964886a0a1f6ff9c4506073a4c81b58f0e69d8362f147540b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:22 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: NM032B08JV13W2A4
x-amz-meta-cache-control: public, maxage=604800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20409
x-amz-id-2: JT/gxdZ/JfYDspuzOg1/zVlD2/4heUJT7oq2LJm+BZUAHPtG1l34ZEdHBkIMgh8zc94wW0yuWMo=
last-modified: Wed, 19 Jan 2022 17:37:53 GMT
server: cloudflare
etag: "c29b83503b310974ac257516575270c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 72b58c204d4c9a2f-FRA
expires: Mon, 15 Aug 2022 21:21:22 GMT

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=433447452&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&ul=en-us&de=UTF-8&dt=A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aGDAgEABAAAAAE~&jid=&gjid=&cid=1111219255.1657920082&tid=UA-194688-3&_gid=1439174808.1657920082&gtm=2wg7d05JCRGP&cd9=Credit%20Suisse&cd10=credit-suisse.com&cd11=Financial%20Services&cd12=10%2C000%2B&cd13=Buying%20Stage%201-3%20%20%2F%2F%20Azure%20Install%20Base%2CFana%20Test%201%2CBuying%20Stage%202%3A%20Consideration%20-%20SC%2C2022%20Website%20visitors%2CBuying%20Stage%201%3A%20Awareness%20-%20SC%2CHarmony_BO_20210816_DO_NOT_TOUCH%2CWW%20%2F%2F%20Bombora%20Keyword%20%2F%2F%20Ransomware%20%2F%2F%207%20Days&cd14=%245B%2B&cd16=47860&cd17=Germany&z=1592593655

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 11:03:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37074
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 116ms
38ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=37014
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 128ms
38ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:22 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kiad7000026-IAD, cache-hhn11521-HHN

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 121ms
37ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H/1.1 200
OK rtp.js Show response
abrtp1-cdn.marketo.com/rtp-api/v1/ 152 KB
42 KB 324ms
51ms Script
application/x-javascript 23.75.232.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.75.232.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-232-42.deploy.static.akamaitechnologies.com

Software

Jetty(9.4.45.v20220203) /

Resource Hash

f6d1e937279bbc0bc50adfc0d8de2b05b11239c589263cdfae98f3f9f519abd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 02:16:43 GMT
Server: Jetty(9.4.45.v20220203)
Date: Fri, 15 Jul 2022 21:21:22 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=27
Connection: keep-alive
Content-Length: 42630

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 116ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: PE/wGEVKjHUpS5jJTt08Zg6SGyiOrx1YMjqMuy6KtBRpkxTB40BKfhHSqn9tu9uYQNilwmjaPmsIMbem0j6AWw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 15 Jul 2022 21:21:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 trends.min.js Show response
assets.trendemon.com/tag/ 216 KB
42 KB 149ms
37ms Script
application/javascript 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/tag/trends.min.js
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-7.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97d551a9fa0041d9e3f3b4c423456c4628e9747f26cb458a0ec31df371d13507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 02:05:31 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 07:21:23 GMT
server: AmazonS3
age: 69391
etag: "a4b0c4b00b77fc4cda03669b33482a80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 43019
x-amz-cf-id: _DLECBwxOBh-jJGBDxBJ15WdafzNqe4zNJcuiHES77CWi0mklMyUmg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1657920082524&url=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D51830%26time%3D1657920082524%26url%3Dhttps%253A%252F%252Fblog.checkpoint.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1657920082524&url=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1657920082524&url=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully...

0
264 B

273ms
186ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1657920082524&url=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&liSync=true&e_ipv6=AQKejWGhgDlyLAAAAYIDvNSVqvx5FvtyT4wnLoKuYNhpO8fFCKNTMrNj7j90UOFntr-9eJrK
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0E791686EE5F43A18A774039F2333A41 Ref B: FRAEDGE1516 Ref C: 2022-07-15T21:21:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXj3pmjfEWE/EzANwZdSg==
x-li-fabric: prod-ltx1

Redirect headers

date: Fri, 15 Jul 2022 21:21:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9CC64AEC29684A7BB1EF2E3C725E9487 Ref B: FRAEDGE1506 Ref C: 2022-07-15T21:21:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1657920082524&url=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&liSync=true&e_ipv6=AQKejWGhgDlyLAAAAYIDvNSVqvx5FvtyT4wnLoKuYNhpO8fFCKNTMrNj7j90UOFntr-9eJrK
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXj3pmeLRCbvZpUeJCDLQ==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 38ms
37ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Sun, 23 Oct 2022 21:21:22 GMT

GET
H3 200 1692853834349189 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 79ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1692853834349189?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

439aa1d77d705d1a589128a5939662f546936a4cbf9828631649f2c586a8c341

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85605
x-xss-protection: 0
pragma: public
x-fb-debug: uyxPxUPKTPB4chxD/i/3Hpc0YN7j9UuPhKu5mB1e3frjXW+MtGT7ciGYYngLdnPNifxH0IkXZk3MAvhQ2s8T/A==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 15 Jul 2022 21:21:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
338 B 288ms
205ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=c11b6d68-480f-41d8-a9b1-0bfce439e9f2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=c559123d-90f9-47ad-9b92-a62013ff9f27&tw_document_href=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxi3o&type=javascript&version=2.4.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 168
date: Fri, 15 Jul 2022 21:21:22 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 7779eabbcb1d5257202760aa31305a7035409e6b81694d140d783db0f297f0fe
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
354 B 280ms
198ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=c11b6d68-480f-41d8-a9b1-0bfce439e9f2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=c559123d-90f9-47ad-9b92-a62013ff9f27&tw_document_href=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxi3o&type=javascript&version=2.4.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 161
date: Fri, 15 Jul 2022 21:21:21 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 75be4f17bb17e701afbb7a0e60d6d22071d59a2c88c6c11a7138d62e390df2c3
content-length: 43

POST
H/1.1 200
OK visitWebPage
750-dqh-528.mktoresp.com/webevents/ 2 B
318 B 637ms
120ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://750-dqh-528.mktoresp.com/webevents/visitWebPage?_mchNc=1657920082575&_mchCn=&_mchId=750-DQH-528&_mchTk=_mch-checkpoint.com-1657920082575-71548&_mchHo=blog.checkpoint.com&_mchPo=&_mchRu=%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:23 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 2084b22a-4975-476e-a435-bd3a03cb668d

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 216ms
216ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=cbd5ce17de85000051dad1625b0200009c915700&session=26442692-fa7f-47d0-8fb5-2c8de5e8d4aa&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A21%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Check%20Point%20Research%20(CPR)%20reported%20evidence%20suggesting%20that%20Pakistan%20Air%20Force%E2%80%99s%20Headquarters%20was%20a%20victim%20of%20a%20successful%20attack%20conducted%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&pageViewId=ae14f92c-c6a6-462d-87ac-d3664bef8a12&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:22 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 2336 Show response
trackingapi.trendemon.com/api/settings/ 746 B
885 B 407ms
129ms Script
application/x-javascript 52.4.242.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/settings/2336?callback=jsonp917918&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.242.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-242-10.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 953671f0a46bcb13b043debb0b41c9fa027909eaab0364fa2668a2334f4e66ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:21:23 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 746
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 116ms
38ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1692853834349189&ev=PageView&dl=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&rl=&if=false&ts=1657920082715&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1657920082714.1387372204&it=1657920082543&coo=false&exp=u0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 15 Jul 2022 21:21:22 GMT

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/ 91 KB
33 KB 290ms
44ms Script
application/x-javascript 23.75.232.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.232.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-232-42.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2015 11:20:15 GMT
Server: AkamaiNetStorage
ETag: "3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 33467

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 22 KB
4 KB 284ms
39ms Stylesheet
text/css 23.75.232.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.232.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-232-42.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: AkamaiNetStorage
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3752

GET
H/1.1 200
OK trw Show response
abrtp1.marketo.com/gw1/ 0
435 B 632ms
120ms Script
application/x-javascript 192.28.144.84
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/trw?aid=checkpoint&trwv.uid=checkpoint-1657920082789-629014a2&trwv.vc=1&trwsa.sid=checkpoint-1657920082790-df8671f7&trwsb.cpv=1&ctzo=-00:00&uri=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&ma=id%3A750-DQH-528%26token%3A_mch-checkpoint.com-1657920082575-71548&pm=&viewedTypes=&rts=1657920082793

Requested by

Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.144.84 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:23 GMT
Cache-Control: no-cache
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Content-Type: application/x-javascript;charset=utf-8

GET
H/1.1 200
OK ga-integration-2.0.4.js Show response
rtp-static.marketo.com/rtp/libs/ 17 KB
6 KB 278ms
38ms Script
application/x-javascript 23.75.232.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js
Requested by: Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.232.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-232-42.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 07:56:23 GMT
Server: AkamaiNetStorage
ETag: "cfd84ea6865e772828527b0485a0eb7e:1622706982.648039"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5540

GET
H/1.1 200
OK msg Show response
abrtp1.marketo.com/gw1/ 0
426 B 580ms
119ms Script
text/javascript 192.28.144.84
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/msg?a=2&sid=checkpoint-1657920082790-df8671f7&aid=checkpoint&ma=id%3A750-DQH-528%26token%3A_mch-checkpoint.com-1657920082575-71548&viewedTypes=&0.9315646158703443&rts=1657920082845

Requested by

Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.144.84 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:23 GMT
Cache-Control: no-cache
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Content-Type: text/javascript;charset=utf-8

GET
H2 200 identity.min.js Show response
assets.trendemon.com/global/ 17 KB
6 KB 38ms
38ms Script
application/javascript 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/global/identity.min.js
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-7.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 2a5818fde3ebf72d87983e461992e10484ac717b5ebb07c8735ed34fd13dc37c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 03:26:16 GMT
content-encoding: gzip
age: 70673
x-powered-by: Express
x-cache: Hit from cloudfront
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
trd-ts: 2022-07-10T03:26:07.861Z
last-modified: Tue, 14 Jun 2022 07:18:46 GMT
etag: W/"46f8-18161143ff0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: Vv7TJy3Ks4D2YhIDVj-B-iNnkjBtaE0zNmnGkudDGOeL2dxba-F11g==

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 126 KB
35 KB 51ms
51ms Script
application/x-javascript 23.75.232.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by: Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.232.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-232-42.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: AkamaiNetStorage
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 35484

GET
H2 200 me Show response
trackingapi.trendemon.com/api/Identity/ 94 B
507 B 138ms
138ms Script
application/x-javascript 52.4.242.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/Identity/me?accountId=2336&DomainCookie=16579200831000505&fingerPrint=5191693ce35e987e316615467d418965&callback=jsonp280989&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.242.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-242-10.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: de577454583dc704235ea5155bbed9f1ebe779780f9f45a108f1286790a61d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:21:23 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 94
content-type: application/x-javascript; charset=UTF-8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C466 0
18 B 78ms
37ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://blog.checkpoint.com
Referer: https://blog.checkpoint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://blog.checkpoint.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 21:21:23 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK visitor Show response
abrtp1.marketo.com/gw1/rtp/api/v1_1/ 628 B
1 KB 477ms
119ms XHR
application/json 192.28.144.84
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/rtp/api/v1_1/visitor?sid=checkpoint-1657920082790-df8671f7&aid=checkpoint&1657920083281

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.144.84 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

0104a101479585f7363d4800e2935b5265c0de094c9cf1fb29911330e0cc4533

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: No-cache
Date: Fri, 15 Jul 2022 21:21:23 GMT
Strict-Transport-Security: max-age=63113904
Last-Modified: Fri Jul 15 16:21:23 CDT 2022
Server: Jetty(9.4.45.v20220203)
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://blog.checkpoint.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: close
Transfer-Encoding: chunked
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sgm Show response
abrtp1.marketo.com/gw1/ga/ 271 B
725 B 478ms
121ms XHR
text/json 192.28.144.84
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/ga/sgm?sid=checkpoint-1657920082790-df8671f7&1657920083282

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.144.84 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

baa9b4dd9539a2d165cfee6c920b84b55742f26a219b6ae9828670454a05e0e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:23 GMT
Server: Jetty(9.4.45.v20220203)
Strict-Transport-Security: max-age=63113904
Content-Type: text/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 271

GET
H2 200 marketingautomation Show response
trackingapi.trendemon.com/api/ 94 B
231 B 137ms
137ms Script
application/x-javascript 52.4.242.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/marketingautomation?AccountId=2336&ClientUrl=aHR0cHM6Ly9ibG9nLmNoZWNrcG9pbnQuY29tLzIwMjIvMDcvMTMvYS1oaXQtaXMtbWFkZS1zdXNwZWN0ZWQtaW5kaWEtYmFzZWQtc2lkZXdpbmRlci1hcHQtc3VjY2Vzc2Z1bGx5LWN5YmVyLWF0dGFja3MtcGFraXN0YW4tbWlsaXRhcnktZm9jdXNlZC10YXJnZXRzLw%3D%3D&CookieId=16579200831000505&MaCookie=aWQ6NzUwLURRSC01MjgmdG9rZW46X21jaC1jaGVja3BvaW50LmNvbS0xNjU3OTIwMDgyNTc1LTcxNTQ4&MaCookieName=X21rdG9fdHJr&MaName=marketo&callback=jsonp225082&vid=2336:16579200831000505
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.242.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-242-10.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 3ea4c1df33b4b8931033cabfb7ddd6527bf654feff3eae81a4fdb4e9fea565a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:21:23 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 94
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 personal Show response
trackingapi.trendemon.com/api/experience/ 15 B
114 B 258ms
258ms Script
application/x-javascript 52.4.242.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal?AccountId=2336&ClientUrl=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&MarketingAutomationCookie=id%3A750-DQH-528%26token%3A_mch-checkpoint.com-1657920082575-71548&ExcludeUnitsJson=%5B%5D&callback=jsonp899638&vid=2336:16579200831000505
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.242.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-242-10.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 7340f212de3028767f8c553497cb67782ea9f778aca1e5b7a070564cc65655ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 21:21:23 GMT
server: Kestrel
content-length: 15
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 pageview
trackingapi.trendemon.com/api/events/ 43 B
234 B 240ms
240ms Image
image/gif 52.4.242.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/pageview?accountId=2336&url=aHR0cHM6Ly9ibG9nLmNoZWNrcG9pbnQuY29tLzIwMjIvMDcvMTMvYS1oaXQtaXMtbWFkZS1zdXNwZWN0ZWQtaW5kaWEtYmFzZWQtc2lkZXdpbmRlci1hcHQtc3VjY2Vzc2Z1bGx5LWN5YmVyLWF0dGFja3MtcGFraXN0YW4tbWlsaXRhcnktZm9jdXNlZC10YXJnZXRzLw%3D%3D&cookie=16579200831000505&referral=&vid=2336:16579200831000505&r=1657920083394
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.242.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-242-10.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:21:23 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 multiple
trackingapi.trendemon.com/api/events/client-app/ 43 B
234 B 242ms
241ms Image
image/gif 52.4.242.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/client-app/multiple?accountId=2336&url=aHR0cHM6Ly9ibG9nLmNoZWNrcG9pbnQuY29tLzIwMjIvMDcvMTMvYS1oaXQtaXMtbWFkZS1zdXNwZWN0ZWQtaW5kaWEtYmFzZWQtc2lkZXdpbmRlci1hcHQtc3VjY2Vzc2Z1bGx5LWN5YmVyLWF0dGFja3MtcGFraXN0YW4tbWlsaXRhcnktZm9jdXNlZC10YXJnZXRzLw%3D%3D&app=sixsense&names=%5B%22Buying%20Stage%201-3%20%20%2F%2F%20Azure%20Install%20Base%22%2C%22Fana%20Test%201%22%2C%22Buying%20Stage%202%3A%20Consideration%20-%20SC%22%2C%222022%20Website%20visitors%22%2C%22Buying%20Stage%201%3A%20Awareness%20-%20SC%22%2C%22Harmony_BO_20210816_DO_NOT_TOUCH%22%2C%22WW%20%2F%2F%20Bombora%20Keyword%20%2F%2F%20Ransomware%20%2F%2F%207%20Days%22%5D&vid=2336:16579200831000505&r=1657920083400
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.242.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-242-10.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 21:21:23 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK msg Show response
abrtp1.marketo.com/gw1/ 0
426 B 120ms
119ms Script
text/javascript 192.28.144.84
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.144.84 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:23 GMT
Cache-Control: no-cache
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 243ms
243ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=cbd5ce17de85000051dad1625b0200009c915700&session=26442692-fa7f-47d0-8fb5-2c8de5e8d4aa&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A22%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Check%20Point%20Research%20(CPR)%20reported%20evidence%20suggesting%20that%20Pakistan%20Air%20Force%E2%80%99s%20Headquarters%20was%20a%20victim%20of%20a%20successful%20attack%20conducted%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&pageViewId=ae14f92c-c6a6-462d-87ac-d3664bef8a12&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:23 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 11:03:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37075
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
37ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=433447452&t=event&ni=1&_s=2&dl=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&ul=en-us&de=UTF-8&dt=A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP&ea=Organization&el=Core-Backbone%20Gmbh&_u=aHDAgEABAAAAAE~&jid=&gjid=&cid=1111219255.1657920082&tid=UA-194688-3&_gid=1439174808.1657920082&gtm=2wg7d05JCRGP&cd9=Credit%20Suisse&cd10=credit-suisse.com&cd11=Financial%20Services&cd12=10%2C000%2B&cd13=Buying%20Stage%201-3%20%20%2F%2F%20Azure%20Install%20Base%2CFana%20Test%201%2CBuying%20Stage%202%3A%20Consideration%20-%20SC%2C2022%20Website%20visitors%2CBuying%20Stage%201%3A%20Awareness%20-%20SC%2CHarmony_BO_20210816_DO_NOT_TOUCH%2CWW%20%2F%2F%20Bombora%20Keyword%20%2F%2F%20Ransomware%20%2F%2F%207%20Days&cd14=%245B%2B&cd16=47860&cd17=Germany&cd1=Core-Backbone%20Gmbh&z=332183396

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 11:03:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37075
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 11:03:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37075
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
37ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=433447452&t=event&ni=1&_s=3&dl=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&ul=en-us&de=UTF-8&dt=A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP-Segments&ea=Global&el=Core-Backbone%20Gmbh&_u=aHDAgEABAAAAAE~&jid=&gjid=&cid=1111219255.1657920082&tid=UA-194688-3&_gid=1439174808.1657920082&gtm=2wg7d05JCRGP&cd9=Credit%20Suisse&cd10=credit-suisse.com&cd11=Financial%20Services&cd12=10%2C000%2B&cd13=Buying%20Stage%201-3%20%20%2F%2F%20Azure%20Install%20Base%2CFana%20Test%201%2CBuying%20Stage%202%3A%20Consideration%20-%20SC%2C2022%20Website%20visitors%2CBuying%20Stage%201%3A%20Awareness%20-%20SC%2CHarmony_BO_20210816_DO_NOT_TOUCH%2CWW%20%2F%2F%20Bombora%20Keyword%20%2F%2F%20Ransomware%20%2F%2F%207%20Days&cd14=%245B%2B&cd16=47860&cd17=Germany&cd1=Core-Backbone%20Gmbh&z=175088563

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 11:03:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37075
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 232ms
231ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=cbd5ce17de85000051dad1625b0200009c915700&session=26442692-fa7f-47d0-8fb5-2c8de5e8d4aa&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A23%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Check%20Point%20Research%20(CPR)%20reported%20evidence%20suggesting%20that%20Pakistan%20Air%20Force%E2%80%99s%20Headquarters%20was%20a%20victim%20of%20a%20successful%20attack%20conducted%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&pageViewId=ae14f92c-c6a6-462d-87ac-d3664bef8a12&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:24 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 242ms
242ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=cbd5ce17de85000051dad1625b0200009c915700&session=26442692-fa7f-47d0-8fb5-2c8de5e8d4aa&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A24%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Check%20Point%20Research%20(CPR)%20reported%20evidence%20suggesting%20that%20Pakistan%20Air%20Force%E2%80%99s%20Headquarters%20was%20a%20victim%20of%20a%20successful%20attack%20conducted%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&pageViewId=ae14f92c-c6a6-462d-87ac-d3664bef8a12&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:25 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 222ms
222ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=cbd5ce17de85000051dad1625b0200009c915700&session=26442692-fa7f-47d0-8fb5-2c8de5e8d4aa&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A25%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Check%20Point%20Research%20(CPR)%20reported%20evidence%20suggesting%20that%20Pakistan%20Air%20Force%E2%80%99s%20Headquarters%20was%20a%20victim%20of%20a%20successful%20attack%20conducted%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&pageViewId=ae14f92c-c6a6-462d-87ac-d3664bef8a12&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:26 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 wxbvs5zxy7iy.js Show response
js.driftt.com/include/1657920300000/ 210 KB
60 KB 393ms
163ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1657920300000/wxbvs5zxy7iy.js

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

9618254256558680f17697df7a39cdc18767e0a182d1c6e297db2289ddfc245e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: DTbtLK_xHSoJUMe1xiPsvLlWUYXLX9M5
content-encoding: gzip
etag: W/"4ca245695292c1aefe6420093212ca29"
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 15 Jul 2022 16:29:36 GMT
server: nginx
date: Fri, 15 Jul 2022 21:21:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k4a4Axm7ryjmhmx2IcZJWqf_kOh_deJi0E_6Vo42dk8Zf3S5tiIBsg==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 223ms
223ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=cbd5ce17de85000051dad1625b0200009c915700&session=26442692-fa7f-47d0-8fb5-2c8de5e8d4aa&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2015%20Jul%202022%2021%3A21%3A26%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%226008%22%7D&isIframe=false&m=%7B%22description%22%3A%22Check%20Point%20Research%20(CPR)%20reported%20evidence%20suggesting%20that%20Pakistan%20Air%20Force%E2%80%99s%20Headquarters%20was%20a%20victim%20of%20a%20successful%20attack%20conducted%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20A%20Hit%20is%20made%3A%20Suspected%20India-based%20Sidewinder%20APT%20successfully%20cyber%20attacks%20Pakistan%20military%20focused%20targets%20-%20Check%20Point%20Software%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.checkpoint.com%2F2022%2F07%2F13%2Fa-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets%2F&pageViewId=ae14f92c-c6a6-462d-87ac-d3664bef8a12&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 21:21:27 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 60E9 2 KB
1 KB 146ms
146ms Document
text/html 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1657920300000/wxbvs5zxy7iy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5fdf4b7f20680ea7beb868565c927e3bd22bd36cb581b0e4b289e255ca6aec27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 15 Jul 2022 21:21:27 GMT
etag: W/"253741ba7db73df33933503e8ae44de7"
last-modified: Fri, 15 Jul 2022 16:27:17 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
x-amz-cf-id: gBorXNIFQzLehRUuEBAyRghdSIkx0nZFU4lrCBrvFdHiuo2Bgy3Rtg==
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: HsG_RaBUThNKkCqcP65oTkfzema5M3qU
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 307C 2 KB
1 KB 146ms
146ms Document
text/html 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657920080937

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1657920300000/wxbvs5zxy7iy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5fdf4b7f20680ea7beb868565c927e3bd22bd36cb581b0e4b289e255ca6aec27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 15 Jul 2022 21:21:27 GMT
etag: W/"253741ba7db73df33933503e8ae44de7"
last-modified: Fri, 15 Jul 2022 16:27:17 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
x-amz-cf-id: H_uDnkCz8APteosARi5sJJhUbebahKG4cEOkLgwe-GwruLTdYpv4Ww==
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: HsG_RaBUThNKkCqcP65oTkfzema5M3qU
x-cache: RefreshHit from cloudfront

GET
H2 200 runtime~main.7f48044b.js Show response
js.driftt.com/core/assets/js/ Frame 60E9 6 KB
3 KB 40ms
38ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

776cffaa56502ed4735b6651279206b4f8a01b1e78d66e7591d4f74a08a1bb82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 16:27:16 GMT
content-encoding: gzip
age: 17652
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 15 Jul 2022 15:46:13 GMT
server: nginx
etag: W/"9ff96fba765783b0bb8f73738977836f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: II.L45TqVUSPiu1mxxXzoXnQzeBReIYh
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ra2JMV06kBX12kO9hkdCckTWBv1FZtaZhuWVgbBxUVGxWBowsFDsgA==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 60E9 35 KB
13 KB 43ms
41ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OScSeFavVPpFVCnrPjZyVrFK7ocqOmtHLUp8BPaooooILqbS_dE2dA==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 60E9 7 KB
3 KB 44ms
42ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:15 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9qbak4s_fS3U3ItMkJp51dxjDAaDzA89
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nBrcCpGmIIdFjiaK1G8CxRlZfOUihGlC9OVitT68_GOtlvC-o0keNg==

GET
H2 200 runtime~main.7f48044b.js Show response
js.driftt.com/core/assets/js/ Frame 307C 6 KB
3 KB 45ms
43ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657920080937

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

776cffaa56502ed4735b6651279206b4f8a01b1e78d66e7591d4f74a08a1bb82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657920080937
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 16:27:16 GMT
content-encoding: gzip
age: 17652
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 15 Jul 2022 15:46:13 GMT
server: nginx
etag: W/"9ff96fba765783b0bb8f73738977836f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: II.L45TqVUSPiu1mxxXzoXnQzeBReIYh
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F2QDYdexljaAXaJV4V8poStZp6h824--OaQ1l97wl_AL7iPXfiOZJg==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 307C 35 KB
13 KB 48ms
47ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657920080937

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657920080937
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P5ErFdyfawZYSGvpESo3IMjfMZY5dVFdscS8BSt3wGuZKbvWyGPpSg==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 307C 7 KB
3 KB 49ms
48ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657920080937

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657920080937
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:15 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9qbak4s_fS3U3ItMkJp51dxjDAaDzA89
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 79VVGe3zsMWk0ksVIzr9vVW_TcJ0C5myrpnNAtUXT2sMc1z0-CkwIA==

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 60E9 47 KB
14 KB 42ms
41ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ghx9KuLEsU65toAWp7tNXfQomgxjyrbm
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G01haBn-g00xlKVuzOa60sKI1tUhZs98z-3ZloyWrnlAXBFXnLfH3w==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 60E9 44 KB
13 KB 45ms
45ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9rIJ_he3NnZfaZwCr7GvLzRmtehknn.
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZeJVasspSiKltfDCUzh6-MwL5cZzszdsvHN00PbHaaNVqW7W07Wdgw==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 60E9 25 KB
8 KB 47ms
47ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 3115298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3g.L2n28pTj8AcDJTW_JUnx4I1CqyPA9
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LHUyL_N1taD2FweIF9-8G9sT1WO7b_cJdQAvB56XRC1ugEDfOllGVg==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 60E9 16 KB
5 KB 49ms
49ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6bdaEoVaogjxYdNJvlFfyTO_1fTxsp6o
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C-pdFGneDbKurP74L_hKjsJr033zoaFZESuU7O_nGqC4-OThI5MOIw==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 60E9 74 KB
23 KB 54ms
52ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: x2ME7eyvkHXD2_f5eIn7ZnDatOXtaAo8skPcB8Xy7LJ0aPOcndBshw==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 60E9 59 KB
19 KB 60ms
58ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyXTxSuCBvZx654ePqR2xs6GalDG76.D
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4Q1FaElyBUxhzPRyfDQqkT3nNfU1LVL9OT3mJp1plGAdYlBwMv1DXg==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 60E9 91 KB
28 KB 66ms
63ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eWIFIo8DxLn4S25aWqEs5lrAyCB0pQZS
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cx8x-H__0sxSem0Y-g73-ZsyRtmxX4SPp_zKj_QRUPL6Boph1ZUwNw==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 60E9 23 KB
7 KB 71ms
69ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g.TAX9Ljd1CKN2hPKg7rBsCyhJ70wktS
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yBDxwGvAHXFeUZqJAYS_-9bgv37D1tcZf_0MCtkzBfUyOQsKRlYENg==

GET
H2 200 16.fde6fa28.chunk.js
js.driftt.com/core/assets/js/ Frame 60E9 62 KB
20 KB 76ms
74ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 3115298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AZatU1G3W6aZgnPi8EiGVtSbHMH8e_3C
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 64eDHn30_YpSLsTuyLtxIVhDy_BcITgFCKyP7govFrGFbwS6BOKAng==

GET
H2 200 45.772158c8.chunk.js
js.driftt.com/core/assets/js/ Frame 60E9 105 KB
34 KB 81ms
80ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Wo_uRM2rzEKAIONIW1ozWH.Ih3Zgd.66
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6tf0u_EmPrplFlqFvDZeRM8tfggubOM-MWh0kkrJeFf-HgdAKVOA0A==

GET
H2 200 37.9da17c94.chunk.js
js.driftt.com/core/assets/js/ Frame 60E9 12 KB
4 KB 87ms
86ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 3115297
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WGTGlJ8WoRlWFvymCR8u0VBWdKCATw5GnWj6bjJuGhspuy9PsV5GoQ==

GET
H2 200 28.ed383893.chunk.js
js.driftt.com/core/assets/js/ Frame 60E9 12 KB
5 KB 89ms
88ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W4iSCS77kEC.SSNCcLhsvI35ESlRZh_5
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _pNGyL0GLQ-x1QyaBUemSGfVH-dcnNUPQLoGDse4FXTN0J-YpW3sIQ==

GET
H2 200 21.b8c41db9.chunk.js
js.driftt.com/core/assets/js/ Frame 60E9 17 KB
0 90ms
90ms Script
application/javascript 143.204.89.17

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.7f48044b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=0994fc15-07ec-4ae3-8035-baa604f20e9c&sessionStarted=1657920087.857&campaignRefreshToken=9ace9bf5-5db6-4c65-a471-05704b9d91a6&hideController=false&pageLoadStartTime=1657920080937&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 3115299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IYcZXStVL2CjeeCB9Www5YnCHKJfMMCs
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _kefaNxswj8cmDEkvjp_pNFH7GGNn6HiQCzkn6Xf47OG_HDPJZ3_kQ==

GET 9.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 60E9 0
0

GET 9.de66fab9.chunk.js
js.driftt.com/core/assets/js/ Frame 60E9 0
0

GET 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 60E9 0
0

GET 17.b33a6e0b.chunk.js
js.driftt.com/core/assets/js/ Frame 60E9 0
0

GET 24.8603213a.chunk.js
js.driftt.com/core/assets/js/ Frame 60E9 0
0

GET 15.e1f27fa3.chunk.js
js.driftt.com/core/assets/js/ Frame 60E9 0
0

GET 47.f4a0cab7.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 22.fd21eb42.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 39.0cc86423.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 18.c13b3a33.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 20.8c21ea18.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 25.8f107198.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 13.3e86f1f6.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 11.639238ba.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 16.fde6fa28.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 45.772158c8.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 37.9da17c94.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 28.ed383893.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 21.b8c41db9.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 9.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 307C 0
0

GET 9.de66fab9.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 307C 0
0

GET 17.b33a6e0b.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 24.8603213a.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

GET 15.e1f27fa3.chunk.js
js.driftt.com/core/assets/js/ Frame 307C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/css/9.5b0bb1c3.chunk.css

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/9.de66fab9.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/17.b33a6e0b.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/24.8603213a.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/15.e1f27fa3.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/css/9.5b0bb1c3.chunk.css

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/9.de66fab9.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/17.b33a6e0b.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/24.8603213a.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/15.e1f27fa3.chunk.js

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 08:51:12	Name: _bit Value: m6fllk-977cbde30daee7fe94-000
blog.checkpoint.com/	1970-01-20 14:02:14	Name: __atuvc Value: 1%7C28
blog.checkpoint.com/	1970-01-20 04:32:01	Name: __atuvs Value: 62d1da51c0b3bd1e000
.checkpoint.com/	1969-12-31 23:59:59	Name: referralURL Value:
.6sc.co/	1970-01-20 22:03:12	Name: 6suuid Value: cbd5ce17de85000051dad1625b0200009c915700
.checkpoint.com/	1970-01-20 04:33:26	Name: _gid Value: GA1.2.1439174808.1657920082
.checkpoint.com/	1970-01-20 04:32:00	Name: _dc_gtm_UA-194688-3 Value: 1
.addthis.com/	1970-01-20 14:02:14	Name: uvc Value: 1%7C28
.checkpoint.com/	1970-01-20 22:03:12	Name: _ga_48VXKGDGCV Value: GS1.1.1657920081.1.0.1657920081.0
blog.checkpoint.com/	1970-01-20 22:03:12	Name: _gd_svisitor Value: cbd5ce17de85000051dad1625b0200009c915700
blog.checkpoint.com/	1970-01-20 04:42:04	Name: _an_uid Value: 0
blog.checkpoint.com/	1970-01-20 22:03:12	Name: _gd_visitor Value: f1454323-81e0-4aea-81ef-59595d5b5257
blog.checkpoint.com/	1970-01-20 04:32:14	Name: _gd_session Value: 26442692-fa7f-47d0-8fb5-2c8de5e8d4aa
.addthis.com/	1970-01-20 14:02:14	Name: loc Value: MDAwMDBFVURFU04yMzA2MTkyMzAwODAwMDBDSA==
.checkpoint.com/	1970-01-20 22:03:12	Name: _ga Value: GA1.2.1111219255.1657920082
.checkpoint.com/	1970-01-20 22:03:12	Name: _mkto_trk Value: id:750-DQH-528&token:_mch-checkpoint.com-1657920082575-71548
.checkpoint.com/	1970-01-20 06:41:36	Name: _fbp Value: fb.1.1657920082714.1387372204
.checkpoint.com/	1970-01-20 22:03:12	Name: trwv.uid Value: checkpoint-1657920082789-629014a2%3A1
.checkpoint.com/	1970-01-20 04:32:01	Name: trwsa.sid Value: checkpoint-1657920082790-df8671f7%3A1
.linkedin.com/	1970-01-20 05:15:12	Name: UserMatchHistory Value: AQInBydSQK1azgAAAYIDvNMZxviTfyz3alAE65H45mBQOZOe13C49dP01yY_K1C3euKBuGjXXdOl-w
.linkedin.com/	1970-01-20 05:15:12	Name: AnalyticsSyncHistory Value: AQJNVVHWI2WpwgAAAYIDvNMZX_sI-tS98ElPFjCl1ZVJIll6P9JMngsAGJ-UeZ3zYFGx9gyiqlqY4h5TRV3tWg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:03:53	Name: bcookie Value: "v=2&22ca21f3-b86c-46a8-8563-ecf67830b65e"
.linkedin.com/	1970-01-20 04:33:26	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2794:u=1:x=1:i=1657920082:t=1658006482:v=2:sig=AQEztjY1QmV8Vv8e5gvJLeOK4es0IQRc"
.twitter.com/	1970-01-20 22:03:12	Name: personalization_id Value: "v1_A3H1V74d7lY7LGIMyJykFw=="
.t.co/	1970-01-20 22:03:12	Name: muc_ads Value: 3254d502-ccf5-4e6d-b3ac-f3656e392616
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 22:03:53	Name: bscookie Value: "v=1&20220715212122ae61a64b-2486-491d-8a05-751c1f7abad9AQEemnSuY5bovPBmFa9kMa8jFUXG4Ivz"
.linkedin.com/	1970-01-20 22:01:42	Name: li_gc Value: MTswOzE2NTc5MjAwODI7MjswMjFv3enIwbPwzT6NGos4QRiNia2znsqPIfc2Z4XHfBHBXA==
.checkpoint.com/	1970-01-20 13:17:36	Name: trd_cid Value: 16579200831000505
trackingapi.trendemon.com/	1978-01-11 21:31:40	Name: trd_gavid_2336 Value: 16579200831000505
trackingapi.trendemon.com/	1978-01-11 21:31:40	Name: trd_gvid Value: 16579200831000505
trackingapi.trendemon.com/	1978-01-11 21:31:40	Name: trd_vid_2336 Value: 2336%3A16579200831000505
.checkpoint.com/	1970-01-20 13:17:36	Name: trd_vid_l Value: 2336%3A16579200831000505
.checkpoint.com/	1970-01-20 13:17:36	Name: trd_vuid_l Value: 7518191291551334486
.checkpoint.com/	1970-01-20 13:17:36	Name: trd_first_visit Value: 1657920083
.checkpoint.com/	1970-01-20 13:17:36	Name: trd_pw Value: 1
.checkpoint.com/	1970-01-20 04:32:01	Name: trd_pws Value: 1
.checkpoint.com/	1970-01-20 04:32:01	Name: trd_sid Value: 16579200833920444
.checkpoint.com/	1970-01-20 04:32:43	Name: trd_ma_cookie Value: aWQ6NzUwLURRSC01MjgmdG9rZW46X21jaC1jaGVja3BvaW50LmNvbS0xNjU3OTIwMDgyNTc1LTcxNTQ4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

750-dqh-528.mktoresp.com
abrtp1-cdn.marketo.com
abrtp1.marketo.com
analytics.twitter.com
assets.trendemon.com
b.6sc.co
bit.ly
blog.checkpoint.com
c.6sc.co
cdn.onesignal.com
code.jquery.com
connect.facebook.net
epsilon.6sense.com
img.onesignal.com
ipv6.6sc.co
j.6sc.co
js.driftt.com
m.addthis.com
maxcdn.bootstrapcdn.com
munchkin.marketo.net
onesignal.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
rtp-static.marketo.com
s7.addthis.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
trackingapi.trendemon.com
v1.addthisedge.com
www.checkpoint.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
z.moatads.com
js.driftt.com
s7.addthis.com
104.244.42.197
104.244.42.3
104.75.88.126
13.107.42.14
141.193.213.21
143.204.89.17
185.89.210.101
192.28.144.124
192.28.144.84
199.232.136.157
2001:4860:4802:32::178
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3b
23.205.237.4
23.35.237.151
23.75.232.42
2606:4700::6812:acf
2606:4700::6812:e234
2620:1ec:21::14
2a00:1450:4001:800::2008
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2003
2a00:1450:400c:c0c::9a
2a02:26f0:3500:581::38f0
2a02:26f0:480:f::213:7edd
2a02:26f0:6c00:294::1c91
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.127.63.27
52.4.242.10
65.9.66.7
67.199.248.11
96.16.137.162
0104a101479585f7363d4800e2935b5265c0de094c9cf1fb29911330e0cc4533
026a19e94cb1a1cf50f74c68251a8c12f0685450cb58b85083a457ef165f7525
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0a5f44134f5fa51ca878a0b4f0a5421de6a82125b2bec68ed44722fe9b849da5
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
0fc686423c26cb1030032fd7e4f2dd664c4b08517a8990c0b46269dd4e01910b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1cd77fa33ec62313d7136ad461e03d4330780534bd66c00ac56b5e8111e456e5
1ebc05ee3718b937da1a6906973dfc1cd668b3326dc5be9cadee4e1519b6a16d
2580e1986fce375c6ed96ac5eb8974cab06d2848b997560bb3c7f9dd5581c53e
25c233630850690d2004083919b0abbf1bf977301548ab3268d80646fac235aa
278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7
28b5267fa6522c1734edd61020a3f0a24a8cc9a91d4d58799c450e36b3f24855
2a5818fde3ebf72d87983e461992e10484ac717b5ebb07c8735ed34fd13dc37c
30581cee80fdc00a20dde03fe67c68d41453254863b15e9aefa09314eb342d2d
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
3ea4c1df33b4b8931033cabfb7ddd6527bf654feff3eae81a4fdb4e9fea565a2
3eace2186259faa82a70f1f0626326432f33b2c201312874ba53688766fb5a62
439aa1d77d705d1a589128a5939662f546936a4cbf9828631649f2c586a8c341
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4eabdbc55715edcfef23aef35a30d6dc56f207e057c5b81b821f858121bb4a7b
562ccd4190cd291ad8527ce8a135846be7245466461a0d703e3ff55bf0bd18cf
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5fdf4b7f20680ea7beb868565c927e3bd22bd36cb581b0e4b289e255ca6aec27
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
69230d373df68804c4f0e88312fe400b97ca879bd9bd5ab8b785c3a56c108f6d
69c596d99119006e064249ae3e50a992142d43c43ff8a50c9fc9d6caec1951cc
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
7003b61166e5a477a9b5880cafe0a0420fef0af9e35562f81488c3b4c76cb156
7340f212de3028767f8c553497cb67782ea9f778aca1e5b7a070564cc65655ab
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
76911468519fda64950773694e032587649fe089cf454e1f4afa005cd191772c
776cffaa56502ed4735b6651279206b4f8a01b1e78d66e7591d4f74a08a1bb82
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7b9c9bef26e7982b7f751a9b5f66db6e6fe8cc25640a19fcc27a91bd58c21dd4
7d6ba13b690dee4af8ac51913d50f8509c65be9516aa24e2f761b3a1aa96dbd3
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
876d97f7c44b69a70ef0d0ef12e0f1206d3e61366ada2d59e0d3c810c616c872
8d980fa0fe8e5717bce42de7da9b8e88fff442f9d1a7ce591c2a4ab0507b8575
8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278
953671f0a46bcb13b043debb0b41c9fa027909eaab0364fa2668a2334f4e66ac
9618254256558680f17697df7a39cdc18767e0a182d1c6e297db2289ddfc245e
97d551a9fa0041d9e3f3b4c423456c4628e9747f26cb458a0ec31df371d13507
9d3adffb59fef7c0687aac31a7ec8f9b3aa6daa83e2622e2559a489da6ceb555
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
9e9fc492002b12463033e6cf0e0fd06d8bf92b86fbf4d7355406a424a672208f
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a39743529eecf4fcd6bbac664fbdf469269eb0117dfa0461cfec8a22fad5dbc3
a7d7aa09becb2494f61a590c32dd433a7b0daf2bddf29c5f622ac84a4c197007
a8da941d8a446516c824ebc9fb77b42e6b92c6deed1daed266bd821ed27bc516
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8aaffdb6fd495c82977176b9267b8ff2c4fc68dafaa39cf9497d6ed3a5fd5c7
b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978
b9d991f032b0f626a8b215af39aaae7ad4e1e262c9fad049b6f12a4fe7afb9bc
baa9b4dd9539a2d165cfee6c920b84b55742f26a219b6ae9828670454a05e0e3
bab4d95c3b1a677e3bc5c976e207d9a7189a14db8944c126474373f4cb9d91bd
bbfee792bf942ccdf2773f1da1cbfbc03c553f29404dbd8b9da60beee9287081
bfd3189d965573e36997f170667b1ceef5cfd0471b6f5be228ca6ac7bcb97c23
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c4b05f12d91c9f8b7c3bec26e49d7889b53885ed1b08e317e626490cba2c2967
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de
d245d96784beee8a8652270aaa63264158ef3a6aae0c4f76d051ee14c4de7d98
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6
de577454583dc704235ea5155bbed9f1ebe779780f9f45a108f1286790a61d0e
e2174918b393aac08f576e1a26c26d438a894360f496fa0b94ad0c9c55403057
e3111006bd360d7e022385e73923dbec02fcf791700ee201958e711a4d304623
e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19
e3a1f8b3ab8e4c86ad3f060fcf503c31e8020a2280e7647e0f763fef62632224
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e777c757a34f77964886a0a1f6ff9c4506073a4c81b58f0e69d8362f147540b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4222775ec34cb0566a2fbbf9130ab54ca54b9b23abd97a53786cb11682f92cb
f6d1e937279bbc0bc50adfc0d8de2b05b11239c589263cdfae98f3f9f519abd2
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6
fb8acb6ca1149529e5e25600bfaaa2aa77a353369dd5c8f63869f63a42279db4
fe2df9f6df4b4a8d7174d259f563b8d9e28e4c03f8f4092fd9db6044e0e64c32
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

blog.checkpoint.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

82 %HTTPS

45 %IPv6

28 Domains

41 Subdomains

32 IPs

4 Countries

1750 kBTransfer

4967 kBSize

40 Cookies

139 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.checkpoint.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

82 %
HTTPS

45 %
IPv6

28
Domains

41
Subdomains

32
IPs

4
Countries

1750 kB
Transfer

4967 kB
Size

40
Cookies

153 HTTP transactions
1 data transactions