assets.sentinelone.com Open in urlscan Pro
52.73.194.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Submission: On July 09 via manual (July 9th 2024, 4:30:01 am UTC) from US — Scanned from DE

Summary HTTP 156 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 30 domains to perform 156 HTTP transactions. The main IP is 52.73.194.60, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is assets.sentinelone.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on August 23rd 2023. Valid for: a year.

This is the only time assets.sentinelone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.73.194.60 52.73.194.60	14618 (AMAZON-AES) (AMAZON-AES)
25	13.35.58.113 13.35.58.113	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 1	172.67.74.101 172.67.74.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:12a:8001::2 2620:12a:8001::2	54113 (FASTLY) (FASTLY)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
5	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
3	104.102.38.132 104.102.38.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
19	95.101.111.184 95.101.111.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.32.99.6 13.32.99.6	16509 (AMAZON-02) (AMAZON-02)
2 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2a02:26f0:480... 2a02:26f0:480:23::1726:62a7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
3	172.217.18.104 172.217.18.104	15169 (GOOGLE) (GOOGLE)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.159.153.247 162.159.153.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223d:400:11:8a36:7200:93a1	16509 (AMAZON-02) (AMAZON-02)
3	172.67.213.149 172.67.213.149	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	3.123.49.56 3.123.49.56	16509 (AMAZON-02) (AMAZON-02)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:206... 2600:9000:206f:9400:5:7a81:86c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	13.248.142.121 13.248.142.121	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
1 4	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	34.236.250.134 34.236.250.134	14618 (AMAZON-AES) (AMAZON-AES)
1	52.45.88.24 52.45.88.24	14618 (AMAZON-AES) (AMAZON-AES)
1	13.33.187.19 13.33.187.19	16509 (AMAZON-02) (AMAZON-02)
2	216.239.34.178 216.239.34.178	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
12	35.170.173.60 35.170.173.60	14618 (AMAZON-AES) (AMAZON-AES)
156	42

2 52.73.194.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-194-60.compute-1.amazonaws.com

assets.sentinelone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 13.35.58.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-113.fra60.r.cloudfront.net

cdn.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.74.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.sentinelone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:12a:8001::2 (United States)

ASN54113 (FASTLY, US)

de.sentinelone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.sentinelone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.102.38.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-38-132.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 95.101.111.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-184.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-6.fra60.r.cloudfront.net

cdn-app.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:23::1726:62a7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.104 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f104.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.153.247 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:400:11:8a36:7200:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.abrankings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.213.149 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.calibermind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e.calibermind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.123.49.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-49-56.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:9400:5:7a81:86c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.142.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.236.250.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-250-134.compute-1.amazonaws.com

spcollector.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.88.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-88-24.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-19.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

327-mnm-087.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

13115870.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.170.173.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-173-60.compute-1.amazonaws.com

jukebox.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	pathfactory.com cdn.pathfactory.com — Cisco Umbrella Rank: 255088 cdn-app.pathfactory.com — Cisco Umbrella Rank: 139081 spcollector.pathfactory.com — Cisco Umbrella Rank: 148847 jukebox.pathfactory.com — Cisco Umbrella Rank: 125961	1 MB
21	6sc.co j.6sc.co — Cisco Umbrella Rank: 13026 c.6sc.co — Cisco Umbrella Rank: 16914 ipv6.6sc.co — Cisco Umbrella Rank: 13532 b.6sc.co — Cisco Umbrella Rank: 7572	23 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	859 KB
10	sentinelone.com 1 redirects assets.sentinelone.com www.sentinelone.com — Cisco Umbrella Rank: 421740 de.sentinelone.com go.sentinelone.com — Cisco Umbrella Rank: 992431	8 MB
8	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 4726	11 KB
8	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 208 13115870.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	1 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 102	21 KB
6	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 671 px4.ads.linkedin.com — Cisco Umbrella Rank: 7218	3 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6500	316 B
5	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3576 www.google.com — Cisco Umbrella Rank: 10	213 B
4	bing.com bat.bing.com — Cisco Umbrella Rank: 530	15 KB
3	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 19986	1 KB
3	calibermind.com cdn.calibermind.com — Cisco Umbrella Rank: 108918 e.calibermind.com — Cisco Umbrella Rank: 128519	61 KB
3	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1900	14 KB
3	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 8630	6 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	3 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 774	2 KB
2	abrankings.com cdn.abrankings.com — Cisco Umbrella Rank: 148147	8 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 10249 q.quora.com — Cisco Umbrella Rank: 7202	15 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1311 script.hotjar.com — Cisco Umbrella Rank: 1952	60 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1362	966 B
2	t.co t.co — Cisco Umbrella Rank: 983	630 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 232	72 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 177	2 KB
1	mktoresp.com 327-mnm-087.mktoresp.com	318 B
1	ml-api.io attr.ml-api.io — Cisco Umbrella Rank: 50325	281 B
1	ml-attr.com 1 redirects s.ml-attr.com — Cisco Umbrella Rank: 44557	284 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1254	15 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1178	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 331	1 KB
156	30

	Domain	Requested by
25	cdn.pathfactory.com	assets.sentinelone.com cdn.pathfactory.com
14	b.6sc.co	assets.sentinelone.com
12	jukebox.pathfactory.com	cdn-app.pathfactory.com
11	www.googletagmanager.com	assets.sentinelone.com www.googletagmanager.com
8	tags.srv.stackadapt.com	assets.sentinelone.com tags.srv.stackadapt.com
7	www.google-analytics.com	assets.sentinelone.com www.google-analytics.com www.googletagmanager.com
6	go.sentinelone.com	assets.sentinelone.com go.sentinelone.com
5	spcollector.pathfactory.com	cdn-app.pathfactory.com
5	www.google.de	assets.sentinelone.com
4	www.google.com	1 redirects assets.sentinelone.com
4	bat.bing.com	www.googletagmanager.com bat.bing.com assets.sentinelone.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	px.ads.linkedin.com	2 redirects snap.licdn.com
3	epsilon.6sense.com	j.6sc.co
3	c.6sc.co	j.6sc.co
3	cdn-app.pathfactory.com	assets.sentinelone.com cdn-app.pathfactory.com
3	snap.licdn.com	assets.sentinelone.com
3	munchkin.marketo.net	assets.sentinelone.com munchkin.marketo.net
2	13115870.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.facebook.com	assets.sentinelone.com
2	secure.adnxs.com	2 redirects
2	cdn.calibermind.com	assets.sentinelone.com www.googletagmanager.com
2	cdn.abrankings.com	www.googletagmanager.com cdn.abrankings.com
2	ipv6.6sc.co	j.6sc.co
2	analytics.twitter.com	assets.sentinelone.com
2	t.co	assets.sentinelone.com
2	px4.ads.linkedin.com	assets.sentinelone.com
2	j.6sc.co	assets.sentinelone.com
2	connect.facebook.net	assets.sentinelone.com connect.facebook.net
2	assets.sentinelone.com	cdn.pathfactory.com
1	googleads.g.doubleclick.net	1 redirects
1	ad.doubleclick.net	assets.sentinelone.com
1	www.googleadservices.com	www.googletagmanager.com
1	e.calibermind.com	cdn.calibermind.com
1	327-mnm-087.mktoresp.com	munchkin.marketo.net
1	script.hotjar.com	static.hotjar.com
1	q.quora.com	assets.sentinelone.com
1	region1.analytics.google.com	www.googletagmanager.com
1	attr.ml-api.io	assets.sentinelone.com
1	s.ml-attr.com	1 redirects
1	a.quora.com	assets.sentinelone.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	assets.sentinelone.com
1	code.jquery.com	assets.sentinelone.com
1	cdnjs.cloudflare.com	assets.sentinelone.com
1	de.sentinelone.com	assets.sentinelone.com
1	www.sentinelone.com	1 redirects
156	47

This site contains links to these domains. Also see Links.

Domain
labs.sentinelone.com
www.sentinelone.com

Subject Issuer	Validity	Valid
www.assets.sentinelone.com Amazon RSA 2048 M01	`2023-08-23` - `2024-09-20`	a year	crt.sh
*.pathfactory.com Amazon RSA 2048 M03	`2024-02-05` - `2025-03-04`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
go.sentinelone.com E1	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-17` - `2024-07-16`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
6sc.co R11	`2024-07-03` - `2024-10-01`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
quora.com R3	`2024-06-02` - `2024-08-31`	3 months	crt.sh
cdn.abrankings.com Amazon RSA 2048 M02	`2024-02-17` - `2025-03-16`	a year	crt.sh
calibermind.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-03-31` - `2025-04-29`	a year	crt.sh
*.google.de WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.quora.com R3	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.googleadservices.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Frame ID: A0A2AE6F6AF3F1DDD234DE6F70288697
Requests: 145 HTTP requests in this frame

Frame: https://go.sentinelone.com/index.php/form/XDFrame
Frame ID: A1FFB0070FD564B93BD69D1498AB1F9E
Requests: 2 HTTP requests in this frame

Frame: https://13115870.fls.doubleclick.net/activityi;dc_pre=CJ_1kdqPmYcDFalIHgIdep8PcA;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=721791814.1720499394;ps=1;pcor=67468211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9135076156za200;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en
Frame ID: B85479B89031EBB84D2EDC45767D523B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chamelgang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

156
Requests

97 %
HTTPS

30 %
IPv6

30
Domains

47
Subdomains

42
IPs

5
Countries

10540 kB
Transfer

16898 kB
Size

46
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://labs.sentinelone.com/

Search URL Search Domain Scan URL

URL: https://www.sentinelone.com/labs/contact/
Title: Get In Touch

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.sentinelone.com/external/pathfactory-share-url-rewrite.js?v=1.0.6 HTTP 302
https://de.sentinelone.com/external/pathfactory-share-url-rewrite.js?v=1.0.6

Request Chain 35

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C390996&time=1720499394102&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C390996&time=1720499394102&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&e_ipv6=AQJpuDzF5cyfQgAAAZCVwVcCxiP4CJCAesnitxFENc22s1lCMY7vq5nfui8JlX4AIdYORQE

Request Chain 72

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.sentinelone.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.sentinelone.com%26pId%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.sentinelone.com%2526pId%253d%2524UID HTTP 302
https://attr.ml-api.io/?domain=www.sentinelone.com&pId=4716852149119774972

Request Chain 111

https://13115870.fls.doubleclick.net/activityi;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=721791814.1720499394;ps=1;pcor=67468211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9135076156za200;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en HTTP 302
https://13115870.fls.doubleclick.net/activityi;dc_pre=CJ_1kdqPmYcDFalIHgIdep8PcA;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=721791814.1720499394;ps=1;pcor=67468211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9135076156za200;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en

Request Chain 112

https://px.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif HTTP 302
https://px4.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif&e_ipv6=AQKj204aqj4sqAAAAZCVwVnAEVN-TL9s2YdPvI0IhBI3xlkzzxzHDlEdqI-r1UFrvrPEH4k

Request Chain 118

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970186784/?random=387365971&cv=11&fst=1720499394686&bg=ffffff&guid=ON&async=1&gtm=45be4730v890159661z871208095za201zb71208095&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&label=P7U6CJqLydsBEKDAz84D&hn=www.googleadservices.com&frm=0&tiba=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&value=0&npa=1&pscdl=noapi&auid=721791814.1720499394&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&eitems=ChAI8JyutAYQ3oH0h821mZw8Eh0ATv_fqSvBl68ybgLkwekaO3amNFyyosdvx-MCqA&pscrd=IhMIq-SN2o-ZhwMV2guiAx2nKAkgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6QWh0dHBzOi8vYXNzZXRzLnNlbnRpbmVsb25lLmNvbS9zZW50aW5lbGxhYnMvY2hhbWVsZ2FuZy1mcmllbmRzLWVu HTTP 302
https://www.google.com/pagead/1p-conversion/970186784/?random=387365971&cv=11&fst=1720499394686&bg=ffffff&guid=ON&async=1&gtm=45be4730v890159661z871208095za201zb71208095&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&label=P7U6CJqLydsBEKDAz84D&hn=www.googleadservices.com&frm=0&tiba=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&value=0&npa=1&pscdl=noapi&auid=721791814.1720499394&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIq-SN2o-ZhwMV2guiAx2nKAkgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6QWh0dHBzOi8vYXNzZXRzLnNlbnRpbmVsb25lLmNvbS9zZW50aW5lbGxhYnMvY2hhbWVsZ2FuZy1mcmllbmRzLWVu&is_vtc=1&cid=CAQSKQDaQooLuTz6vy8J7QUoea1ABPN1hzoUGHL2ZqHQmiFqh7eOSftCMcLK&eitems=ChAI8JyutAYQ3oH0h821mZw8Eh0ATv_fqdVJ0EOhiapL-fVhooe3Y6t7IM7EddsprA&random=2994720042 HTTP 302
https://www.google.de/pagead/1p-conversion/970186784/?random=387365971&cv=11&fst=1720499394686&bg=ffffff&guid=ON&async=1&gtm=45be4730v890159661z871208095za201zb71208095&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&label=P7U6CJqLydsBEKDAz84D&hn=www.googleadservices.com&frm=0&tiba=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&value=0&npa=1&pscdl=noapi&auid=721791814.1720499394&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIq-SN2o-ZhwMV2guiAx2nKAkgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6QWh0dHBzOi8vYXNzZXRzLnNlbnRpbmVsb25lLmNvbS9zZW50aW5lbGxhYnMvY2hhbWVsZ2FuZy1mcmllbmRzLWVu&is_vtc=1&cid=CAQSKQDaQooLuTz6vy8J7QUoea1ABPN1hzoUGHL2ZqHQmiFqh7eOSftCMcLK&eitems=ChAI8JyutAYQ3oH0h821mZw8Eh0ATv_fqdVJ0EOhiapL-fVhooe3Y6t7IM7EddsprA&random=2994720042&ipr=y

156 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request chamelgang-friends-en Show response
assets.sentinelone.com/sentinellabs/ 529 KB
138 KB 788ms
460ms Document
text/html 52.73.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-194-60.compute-1.amazonaws.com

Software

Resource Hash

a05f76347e497e82410f36908364c4a8e112e3b7fb54cece2a4181eec39aa407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 09 Jul 2024 04:29:53 GMT
etag: W/"a05f76347e497e82410f36908364c4a8"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Accept-Encoding
x-content-type-options: nosniff
x-request-id: 9803dc8c-7c1b-4cce-8432-9e3bdb65ddc2
x-runtime: 0.336183

GET
H2 200 roboto_lato.css
cdn.pathfactory.com/web-fonts/roboto_lato/ 5 KB
1015 B 154ms
42ms Stylesheet
text/css 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/web-fonts/roboto_lato/roboto_lato.css
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3e647bd139028a8b14cd0c42545d61fe316a4a42436a5602b44df99d8d416f3

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 01:23:41 GMT
content-encoding: gzip
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified: Mon, 27 Mar 2023 14:49:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 11182
x-amz-server-side-encryption: AES256
etag: W/"6339b6205ef670ae453a1fa9e8740fd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: ED6VYi7XnvNWZoZd0gPMpBWbrdUJjOX5JBhu3wbuy7JTkrisePe77A==

GET
H2 200 font-awesome.min.css
cdn.pathfactory.com/web-fonts/font-awesome/ 28 KB
7 KB 152ms
41ms Stylesheet
text/css 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/web-fonts/font-awesome/font-awesome.min.css
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14b6cfd9b2a41bf5ee498086b1fbe2e8a31b1f99d5e040d55bdbe2d95702b6ac

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:02:29 GMT
content-encoding: gzip
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified: Mon, 27 Mar 2023 14:48:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 5245
x-amz-server-side-encryption: AES256
etag: W/"d96f1330ac4b04ce0b20d2206236e62c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: rNCuRor4VgzKX6nHVz07lowQuFFInw_2FO1qfTYINU8Gk3RsxDS95Q==

GET
H2 200 overpass.css
cdn.pathfactory.com/web-fonts/overpass/ 6 KB
981 B 153ms
42ms Stylesheet
text/css 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/web-fonts/overpass/overpass.css
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58112726cdedca894ece97c82f091241d25fef9d223c565e1136792db84f6e00

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 05:01:25 GMT
content-encoding: gzip
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified: Mon, 27 Mar 2023 14:49:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 84509
x-amz-server-side-encryption: AES256
etag: W/"3564370037cc83ed92486dfad9b59ea7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: FhpTIcAgebHuxfbl9Ae9_p9TWZ95iXMApFQnGcGb6KLRZQADfL7RWg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
92 KB 171ms
71ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-970186784

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5453090a53339782eb46c42e15f028cdeaae04e41296a506a2c85bca8a70e4e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93882
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 04:29:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
74 KB 129ms
126ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38175129-1

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

158139ca63eff0371f51bcf54c258a8a4fc031037f3eb7601a21056927840a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75977
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 04:29:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 117ms
115ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38175129-4

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92ce1c889d8c2e068cf48961ed3598d0df0bc9704fb3e7bdf5f585eb3238c357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76930
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 04:29:53 GMT

GET
H2

200

pathfactory-share-url-rewrite.js Show response
de.sentinelone.com/external/
Redirect Chain

https://www.sentinelone.com/external/pathfactory-share-url-rewrite.js?v=1.0.6
https://de.sentinelone.com/external/pathfactory-share-url-rewrite.js?v=1.0.6

5 KB
2 KB

162ms
54ms

Script
application/x-javascript

2620:12a:8001::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://de.sentinelone.com/external/pathfactory-share-url-rewrite.js?v=1.0.6

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Server

2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

49744250970bf1de3fb8cb2c643bb19f5c36e642f24d7aabafb16d7f68bd77db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0, 0, 0, 0
strict-transport-security: max-age=31622400; includeSubDomains; preload
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Tue, 09 Jul 2024 04:29:53 GMT
age: 2061857
x-cache: HIT, HIT, MISS, MISS
x-pantheon-styx-hostname: styx-fe2-b-7f89659644-zmrv9
content-length: 1577
x-served-by: cache-chi-klot8100040-CHI, cache-mxp6945-MXP, cache-mxp6938-MXP, cache-mxp6938-MXP
last-modified: Fri, 14 Jun 2024 12:29:04 GMT
server: nginx
x-timer: S1720499394.795868,VS0,VE7
etag: W/"666c3790-12ea"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 40f92a20-2aeb-11ef-b55c-aa3a42dbe3aa
cache-control: max-age=31622400
accept-ranges: bytes
expires: Mon, 16 Jun 2025 07:45:36 GMT

Redirect headers

date: Tue, 09 Jul 2024 04:29:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J0iaiOJ5FFLB7j44BCJOGuleXPb6i5PtDU5%2BpgRz3BEndWnNtv0RtKmBnj%2BSzze4YQlH2MARr9RPqQNWVuamx5wttwH3MmkzBkhRyv3Jb2UCJjHoDD5EPuZ%2BJMY3SCKMfEzYXdo%3D"}],"group":"cf-nel","max_age":604800}
location: https://de.sentinelone.com/external/pathfactory-share-url-rewrite.js?v=1.0.6
cf-ray: 8a05935a1caba058-FRA
content-length: 0

GET
H3 200 visibility.min.js Show response
cdnjs.cloudflare.com/ajax/libs/visibility.js/1.2.4/ 2 KB
1 KB 95ms
51ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/visibility.js/1.2.4/visibility.min.js

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6062a74eb4c0366e9c2dd404c0c8393664271192ea5fa5cfd7f7860cbdc7ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 635390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 774
last-modified: Mon, 04 May 2020 16:17:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04028-8ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFSUAyppE18VV2YUATANc2%2FykhjUDFB1mkXC2V3ZJed8OtOVowMYlJNfnMwuIebf4VM%2BkgWl0%2F03CHbYC6Cg0OM3%2B08p%2FiA2FNElb94k47ke5eicfUWTw2w6cUDVR9v98HZLGGgr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a0593599a9f1c32-FRA
expires: Sun, 29 Jun 2025 04:29:53 GMT

GET
H2 200 forms2.min.js Show response
go.sentinelone.com/js/forms2/js/ 199 KB
67 KB 415ms
85ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sentinelone.com/js/forms2/js/forms2.min.js

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 4587
etag: "d006e9-31b30-619b21e0856c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8a05935b5fbfaca4-TXL
expires: Tue, 09 Jul 2024 08:29:53 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 169ms
49ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:53 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 15047959
x-cache: HIT, HIT
content-length: 30125
x-served-by: cache-lga21971-LGA, cache-mxp6979-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1720499394.616583,VS0,VE0
etag: W/"28feccc0-15283"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 15, 82578

GET
H2 200 viewer.css
cdn.pathfactory.com/pdfjs/2.16.105/web/ 67 KB
12 KB 45ms
44ms Stylesheet
text/css 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e105ac63de9df1869dea83da53cb2eb51e6a2772646c1c03819a4d824a3e2638

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 04:43:14 GMT
content-encoding: gzip
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 14:27:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 85619
x-amz-server-side-encryption: AES256
etag: W/"22fec46066d5f18eb4ba11e8abcacf11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 5GTWkEbHjrH8ARI5V9SwTXuX-m6K-tYTvSRDLmEhM27kNpcTPTxRfQ==

GET
H2 200 pdf.min.js Show response
cdn.pathfactory.com/pdfjs/2.16.105/build/ 270 KB
76 KB 75ms
74ms Script
application/javascript 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/build/pdf.min.js
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66f8043d563550a1fba21d7bda97fefa112ee286c1371c4cbc36b6c3186f4994

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 00:53:44 GMT
content-encoding: gzip
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 14:27:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 12970
etag: W/"a7899f2aae2e5db5bcf5492685f7f8d5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: EyQldzHFZcjyWgwkGi1KYJYvbOT6avJFmkDMEYFIR1BDOLemWvfLjg==

GET
H2 200 pdf.worker.min.js Show response
cdn.pathfactory.com/pdfjs/2.16.105/build/ 1008 KB
277 KB 117ms
117ms Script
application/javascript 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/build/pdf.worker.min.js
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 025b00b18ed3b9e5750249f7952094f686ba95650530df54771370bde96be1c4

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:01:30 GMT
content-encoding: gzip
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 14:27:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 5325
x-amz-server-side-encryption: AES256
etag: W/"6a7f53000c5b271c9f8a1e7187540dbf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: lJgnu7S8v_QFadrMhg8Otn1fIDxp52urTrxJC9zpE1Mg09J1l0AG1A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
39ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jul 2024 03:41:01 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2933
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Jul 2024 05:41:01 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 241ms
43ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 04:29:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 126ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 Jul 2024 04:29:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2775, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: KTm6CdhcYcRQIHCKt1folTOsVee9l0LAifQ5YrpfaS4moqiZJ7zbVQCXJsv1f0rwP1/lGHqQJzqR8ZZRXQvvLQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 140ms
41ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:46:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=40844
accept-ranges: bytes
content-length: 14004

GET
H2 200 getForm Show response
go.sentinelone.com/index.php/form/ 6 KB
2 KB 133ms
133ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.sentinelone.com/index.php/form/getForm?munchkinId=327-MNM-087&form=3371&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&callback=jQuery371006964447773982019_1720499393926&_=1720499393927
Requested by: Host: go.sentinelone.com
URL: https://go.sentinelone.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d23d57d3e20ead100b617ecdd2ba95dc793010d5556a866a16a1fb1b45975d52

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 8a05935c49acaca4-TXL
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 403 KB
122 KB 179ms
179ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8d849bf74b31aab13e3cf584d4bf4bb6e39a04c65c21dce38a8c0440adcd182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124739
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 138ms
41ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220113-FRA

GET
H2 200 6si.min.js Show response
j.6sc.co/ 66 KB
18 KB 141ms
43ms Script
application/javascript 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4d3dab569c7b9e24ba3484873769a6b4a34bd3ab4ef6ff53b1c5a5c60f7d5663

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Jun 2024 00:42:44 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "666b9204-10980"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 18315
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 tracks.js Show response
cdn-app.pathfactory.com/production/jukebox/current/ 2 MB
499 KB 144ms
40ms Script
application/javascript 13.32.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-6.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 881896b15b290db29b27141d281f464e0a9955ba6e165ff4af1d87d7eeaeedea

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
date: Tue, 09 Jul 2024 01:07:19 GMT
last-modified: Thu, 04 Jul 2024 01:05:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12156
x-amz-server-side-encryption: AES256
etag: W/"723105190bd15f617614926cfe53a697"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=43200
x-amz-cf-id: Kx9ZAoRRCeDqK9-3WViroTJrwFzymmKPbSD7ltB0Bq6BdOvK0Xlx2Q==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
0 40ms
40ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:46:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=40844
accept-ranges: bytes
content-length: 14004

GET
H2 200 toolbarButton-search.svg
cdn.pathfactory.com/pdfjs/2.16.105/web/images/ 445 B
906 B 123ms
43ms Image
image/svg+xml 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/images/toolbarButton-search.svg
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27fadbd5f0a5ae4a7a75867bf41ec216ce8cc4f824d6cacac6af71ce2c983a35

Request headers

Referer: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Origin: https://assets.sentinelone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 05:14:37 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 83718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 445
last-modified: Tue, 28 Mar 2023 14:27:31 GMT
server: AmazonS3
etag: "e471a9114a3945a991bba9a984b115f7"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: FKQ30JZ8e2h1DTVpPNaZ4AWTqYMLxUENb3IIKe_o7mlruOMjYKBbfQ==

GET
H2 200 toolbarButton-pageUp.svg
cdn.pathfactory.com/pdfjs/2.16.105/web/images/ 490 B
950 B 130ms
49ms Image
image/svg+xml 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/images/toolbarButton-pageUp.svg
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1605c9fa02c8ef1c9335791a6cf685d63619cca122bd936f5042415b2f38b17b

Request headers

Referer: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Origin: https://assets.sentinelone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 08:50:34 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 70760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 490
last-modified: Tue, 28 Mar 2023 14:27:34 GMT
server: AmazonS3
etag: "8f70a27f790afc7fb74f658a654702cd"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: iYRiA0R-2ynvONtMmzDwkxhet-vxkPYjde3A0NPHr-UGOFBHmJMFRg==

GET
H2 200 toolbarButton-pageDown.svg
cdn.pathfactory.com/pdfjs/2.16.105/web/images/ 490 B
950 B 124ms
44ms Image
image/svg+xml 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/images/toolbarButton-pageDown.svg
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31511c3fc79860742c2a0f8bbddc58293d8a42e37c7c15e2202470723facc6f6

Request headers

Referer: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Origin: https://assets.sentinelone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 08:50:34 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 70760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 490
last-modified: Tue, 28 Mar 2023 14:27:39 GMT
server: AmazonS3
etag: "403ec3874f3d293be7ff1bbbbe0e0183"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: 7q2QjOOvadkrS-Ld0xqaAW_bChu0Oh5p-5R3Rdj-z3xL2xE-ZS8WCA==

GET
H2 200 toolbarButton-presentationMode.svg
cdn.pathfactory.com/pdfjs/2.16.105/web/images/ 390 B
849 B 127ms
47ms Image
image/svg+xml 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/images/toolbarButton-presentationMode.svg
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d469032c5b6c6f19447cba65d7669c2f646f790701cdd057c7edb2ff2b852353

Request headers

Referer: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Origin: https://assets.sentinelone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 06:12:54 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 80221
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 390
last-modified: Tue, 28 Mar 2023 14:27:38 GMT
server: AmazonS3
etag: "cdde3ed871b4fe44de749cd40e6e4afe"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: qhpNMUWnvI4U36WfQHBDKGJnozls4ehF0vPTZI1V24lI6lbC0XztDQ==

GET
H2 200 toolbarButton-print.svg
cdn.pathfactory.com/pdfjs/2.16.105/web/images/ 583 B
1 KB 123ms
44ms Image
image/svg+xml 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/images/toolbarButton-print.svg
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36ac4761ddf7b0054378c120e0f406e3634ed8eb1a1a5187c64943efc43a17d1

Request headers

Referer: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Origin: https://assets.sentinelone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:27:40 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 7465
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 583
last-modified: Tue, 28 Mar 2023 14:27:28 GMT
server: AmazonS3
etag: "653ebf35a6d2cb971640a697f3bf059d"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: 49jBj8J_a-2Q1ETKZBlzUbUAHH_60X7Jh6qwMBiGbbW6memdpywmpQ==

GET
H2 200 toolbarButton-zoomOut.svg
cdn.pathfactory.com/pdfjs/2.16.105/web/images/ 355 B
815 B 125ms
45ms Image
image/svg+xml 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/images/toolbarButton-zoomOut.svg
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7f1579d23180ed58215bcaa5cb8b904135286a0be9e5ddd9aa6fb64f0e8e407

Request headers

Referer: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Origin: https://assets.sentinelone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 05:31:31 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 82704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 355
last-modified: Tue, 28 Mar 2023 14:27:29 GMT
server: AmazonS3
etag: "8b25c4c6039c29d9b842342eb4ef1677"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: hMPNv2hZNakpDIsWUPuaUFyRbJNIDCom2MopbPAcM3PgsK19JWxoWQ==

GET
H2 200 toolbarButton-zoomIn.svg
cdn.pathfactory.com/pdfjs/2.16.105/web/images/ 397 B
857 B 252ms
172ms Image
image/svg+xml 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/images/toolbarButton-zoomIn.svg
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8b80246d1aa2496069cf9067fb3e3dc14c714155a24924a2e3a52f098325646

Request headers

Referer: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Origin: https://assets.sentinelone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 05:14:37 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 83718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 397
last-modified: Tue, 28 Mar 2023 14:27:37 GMT
server: AmazonS3
etag: "91edbe98fed5e3bd7b80367326384ed2"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: Fz2VIXd4sLIiCtHaUmj7VTBQH372a5ZJZHvScFeaP5rRbCF0xJkjcg==

GET
H2 200 toolbarButton-menuArrow.svg
cdn.pathfactory.com/pdfjs/2.16.105/web/images/ 224 B
684 B 126ms
46ms Image
image/svg+xml 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/images/toolbarButton-menuArrow.svg
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a72b21eaf2bbeed38e6fb26a5d10a964b3ec90a45a0c77cbbf5415c27fa07446

Request headers

Referer: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Origin: https://assets.sentinelone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 08:50:35 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 70760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 224
last-modified: Tue, 28 Mar 2023 14:27:37 GMT
server: AmazonS3
etag: "14ef66e55afd3520c787dfaddb569a7f"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: KYL2rTMxP4iCpRPNaiPx2lWFArFnNso08yGN6NEIgARYSiiNXisS1w==

GET
H2 200 locale.properties Show response
cdn.pathfactory.com/pdfjs/2.16.105/web/locale/ 4 KB
5 KB 131ms
54ms XHR
binary/octet-stream 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/locale/locale.properties
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 417ade7c3f236689b04b450648c44f2fdc377aa208534400cec4fa7af8564f5b

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 02:56:36 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 8279
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4522
last-modified: Tue, 28 Mar 2023 14:27:52 GMT
server: AmazonS3
etag: "1f10652ab6a32809dfa94a864103b238"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: IO88goi0SXyFC2s3ZNMkCsZpPaMqN-zUc8ST37fu_S2Wj6e4lyZNYw==

GET
H2 200 forms2.css
go.sentinelone.com/js/forms2/css/ 13 KB
3 KB 57ms
55ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sentinelone.com/js/forms2/css/forms2.css

Requested by

Host: go.sentinelone.com
URL: https://go.sentinelone.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 2271
etag: "d006e0-3437-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8a05935d2b6eaca4-TXL
content-length: 2623
expires: Tue, 09 Jul 2024 08:29:54 GMT

GET
H2 200 forms2-theme-plain.css
go.sentinelone.com/js/forms2/css/ 828 B
331 B 58ms
55ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sentinelone.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: go.sentinelone.com
URL: https://go.sentinelone.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 2271
etag: "1a2039b-33c-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8a05935d2b71aca4-TXL
content-length: 246
expires: Tue, 09 Jul 2024 08:29:54 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
817 B 299ms
194ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=432890%2C390996&time=1720499394102&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:53 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4214D94BE5BD45FDAA04B9D607291F9E Ref B: DUS30EDGE0910 Ref C: 2024-07-09T04:29:54Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYcyPs7w8c5izblD+uFaA==
x-fs-uuid: 00061cc8fb3bc3c7398b36e50feb8568

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C390996&time=1720499394102&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C390996&time=1720499394102&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&e_ipv6=AQJpuDzF5cyfQgAAAZCVwVc...

0
264 B

300ms
198ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C390996&time=1720499394102&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&e_ipv6=AQJpuDzF5cyfQgAAAZCVwVcCxiP4CJCAesnitxFENc22s1lCMY7vq5nfui8JlX4AIdYORQE
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A5F47BD02BE0484291DE3C9A340638E4 Ref B: FRAEDGE1219 Ref C: 2024-07-09T04:29:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYcyPtAVC5HH2CueuaVLQ==

Redirect headers

date: Tue, 09 Jul 2024 04:29:54 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0FD515DBF4BB4B3181664A2186FDAC7F Ref B: FRAEDGE1406 Ref C: 2024-07-09T04:29:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C390996&time=1720499394102&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&e_ipv6=AQJpuDzF5cyfQgAAAZCVwVcCxiP4CJCAesnitxFENc22s1lCMY7vq5nfui8JlX4AIdYORQE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYcyPs7ySLu+iLd3sVXzA==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
624 B 331ms
229ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6DBFEC79C1B349159D555111BA6FF69D Ref B: FRAEDGE1406 Ref C: 2024-07-09T04:29:54Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://assets.sentinelone.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYcyPs8Dv2+sP6EK4RWMg==

GET
H2 200 adsct
t.co/i/ 43 B
377 B 299ms
151ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=671a652d-e92c-4f77-88b2-d638623ce40a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6fe88818-7770-43d5-9838-7e5c3559bd04&tw_document_href=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuzj4&type=javascript&version=2.3.30

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 09 Jul 2024 04:29:53 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 47705966bc6690a2
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: a8789a148a48612384e4b6f9aae3ba3e2d0d674e7646c6f63bd1283d2a4bf30a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 307ms
155ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=671a652d-e92c-4f77-88b2-d638623ce40a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6fe88818-7770-43d5-9838-7e5c3559bd04&tw_document_href=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuzj4&type=javascript&version=2.3.30

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 115
date: Tue, 09 Jul 2024 04:29:53 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 26c8252a915d6fdf
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 2c8a4e67ab2dc898f9a5a333ae237d069916c70cdfdfcb69ac8b463d4bc05823
content-length: 43

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
85 KB 83ms
82ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-997291837&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-970186784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3dec4cdbb1b85111a2c2d680f8a44a8aa4b46832aaf839a0b63437bd58a5f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87345
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
74 KB 69ms
69ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38175129-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-970186784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c541f4e34e09830e472235905ee1e6a3b32dcc90ce831181c71aecdac3e48573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75919
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 90ms
89ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38175129-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-970186784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1f112a5b8bad147ebed841380bd82c9d5368abdb87b17509f9357c8e3b318ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76967
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 04:29:54 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 50ms
49ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=391280588&t=pageview&_s=1&dl=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&ul=de-de&de=UTF-8&dt=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=788552435&gjid=914577928&cid=2144185504.1720499394&tid=UA-38175129-1&_gid=245491309.1720499394&_r=1&gtm=457e4730za200zb890159661&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1335714761

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://assets.sentinelone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 0ms
0ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38175129-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2933
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Jul 2024 05:41:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
93 KB 74ms
65ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RB6JC05KKN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38175129-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70d586636c4367496ac0bd97e3cda9de1ae6b93a370827e411fc30ded33146ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94861
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jul 2024 04:29:54 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 52ms
49ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=391280588&t=pageview&_s=1&dl=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&ul=de-de&de=UTF-8&dt=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1382526156&gjid=595626910&cid=2144185504.1720499394&tid=UA-38175129-4&_gid=245491309.1720499394&_r=1&gtm=457e4730za200zb890159661&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1429837588

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://assets.sentinelone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
197 B 71ms
42ms XHR
text/html 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://assets.sentinelone.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 19 B
313 B 193ms
49ms XHR
text/html 2a02:26f0:480:23::1726:62a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:62a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c0ad39faea959c6452ccf07bbf3c65bf7f5e1afa8df00d05cfbb1087a8aee9ac

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://assets.sentinelone.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:92::6
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1720499394300_388391911_789843343_26_1014_40_64_219";dur=1
content-length: 19
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 163ms
136ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 166ms
139ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=3576c97e67a9b7f8553a44ff1cc54791&svisitor=null&visitor=e3389053-bca0-4892-80bf-44232256707c&session=6fd7bbfc-7204-4962-8f50-06a63a697ebb&event=ni%3AasyncSettingsAudit&q=%7B%22activity_type%22%3A%22white_paper%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2009%20Jul%202024%2004%3A29%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setPageAttributes%5C%22%2C%5C%22value%5C%22%3A%5C%22%7B%5C%5C%5C%22activity_type%5C%5C%5C%22%3A%5C%5C%5C%22white_paper%5C%5C%5C%22%7D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2009%20Jul%202024%2004%3A29%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%223576c97e67a9b7f8553a44ff1cc54791%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2009%20Jul%202024%2004%3A29%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2009%20Jul%202024%2004%3A29%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2009%20Jul%202024%2004%3A29%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%228ba4c5a3fa178cfadac2b61291295db2874be830%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2009%20Jul%202024%2004%3A29%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20collaboration%20with%20Recorded%20Future%2C%20SentinelLabs%20has%20been%20tracking%20two%20distinct%20activity%20clusters%20targeting%20government%20and%20critical%20infrastructure%20sectors%20globally%20between%202021%20and%202023.%20We%20associate%20one%20activity%20cluster%20with%20the%20suspected%20Chinese%20APT%20group%20ChamelGang%20(also%20known%20as%20CamoFei)%2C%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Chamelgang%20%26amp%3B%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&pageViewId=b73e6bf6-7690-4dcd-85c2-e05b043702a1&v=1.1.21

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 viewer.properties Show response
cdn.pathfactory.com/pdfjs/2.16.105/web/locale/de/ 13 KB
13 KB 91ms
79ms XHR
binary/octet-stream 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/locale/de/viewer.properties
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbc6fadfdb36d9fb032abee504d9e22cf933e7551d69cd01ec6c91ebd8758659

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 19:42:04 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 31671
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12812
last-modified: Tue, 28 Mar 2023 14:25:59 GMT
server: AmazonS3
etag: "1dd623115080ed4f3ba6e303a23fa34d"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: ANhxJHsTwyqteaNoeJKe8FWtTMWw3O28xTxZtNq9N3Zj9kwKEsVp1Q==

GET
H2 200 XDFrame Show response
go.sentinelone.com/index.php/form/ Frame A1FF 2 KB
865 B 150ms
149ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sentinelone.com/index.php/form/XDFrame

Requested by

Host: go.sentinelone.com
URL: https://go.sentinelone.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d117a5cdaf7b8aa3bc5ff1abeec0e1d98b834782d49f34260c4e1ecc7ec4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8a05935e1d80aca4-TXL
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 09 Jul 2024 04:29:54 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 307303873637462 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 167ms
166ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/307303873637462?v=2.9.160&r=stable&domain=assets.sentinelone.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b57fbbfcd201942da953651e360bd586ca15ea05a708eb10b95f0dd4acd65b64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 Jul 2024 04:29:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=65, mss=1297, tbw=63823, tp=-1, tpl=-1, uplat=120, ullat=0
pragma: public
x-fb-debug: uYZJGp3f5sZ7+hkaNi0o1zeZvhIvxwXm907mtH5snT78sE+7vAtR0bfROhCE9Ys7fN2XVb3N0NT4ZdmmRvUvkQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 159ms
52ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-38175129-1&cid=2144185504.1720499394&jid=788552435&gjid=914577928&_gid=245491309.1720499394&npa=1&_u=aEDAAUAAAAAAACAAI~&z=181048358

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://assets.sentinelone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 267 KB
92 KB 70ms
70ms Script
application/javascript 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-970186784&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

41dd35f9e13c7e19e61ea5902ad39f4d59dd2bbb13732e50a6a33b5e14e8db88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93941
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 hotjar-2714452.js Show response
static.hotjar.com/c/ 9 KB
4 KB 153ms
44ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2714452.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

007cd3d0cc0338034fa0194165aa8c5c80bee9be0eb86f8b568ad864553787f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jul 2024 04:29:54 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 39
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/b68b6fdd6b46f29e0d3ffb110513b130
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: vxordjfnTXvCrZzn2zgir-arW-hKfSi9qMqiXiwy9BqiWst1gIhdMg==

GET
H2 200 bat.js Show response
bat.bing.com/ 47 KB
14 KB 201ms
67ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a97bc8ec679a82ec782bd76c7302c0ca394c1ad672450f86f87bee5e0ec06b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 09 Jul 2024 04:29:53 GMT
last-modified: Mon, 08 Jul 2024 16:08:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 41D12236406A4FCB9F1C89FF6E0696FF Ref B: FRA31EDGE0809 Ref C: 2024-07-09T04:29:54Z
etag: "804a6d1951d1da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13828

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
0 0ms
0ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 04:29:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
0 1ms
1ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:46:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=40844
accept-ranges: bytes
content-length: 14004

GET
H3 200 qevents.js Show response
a.quora.com/ 41 KB
15 KB 112ms
61ms Script
text/plain 162.159.153.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
x-amz-version-id: jrgqQn59BHyNBJEhUqaibHl1Lk06.AzO
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: M04HPBTPY5GDBBF5
age: 5812340
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Tl+NCrT4/ROq8BOB/jXEFbjekr+B/799PB4hsh4cPaz8GcT19YQzaMe+k+f+IJxKpv7tKCeNqoQ=
last-modified: Thu, 28 Mar 2024 17:33:19 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:87b5ecaafd0e88097cbbb1bbb7695fe9
etag: W/"87b5ecaafd0e88097cbbb1bbb7695fe9"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 8a05935edf3a452e-TXL
expires: Tue, 09 Jul 2024 08:29:54 GMT

GET
H2 200 client.js Show response
cdn.abrankings.com/js/ 35 KB
8 KB 163ms
41ms Script
application/javascript 2600:9000:223d:400:11:8a36:7200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.abrankings.com/js/client.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:400:11:8a36:7200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6782c26e66d8abbe5816cd0222f41c431399582ce9b59805bffda7572e7ba288

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: public
date: Sat, 01 Jun 2024 12:33:46 GMT
content-encoding: gzip
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
last-modified: Tue, 14 Jun 2022 17:44:33 GMT
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P3
age: 3254168
etag: W/"62a8c901-8d68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=15552000, public
x-amz-cf-id: eTVtUL8r4MkueIhxSuntlv5_mpB7AFoK9gowMImMuUkCFQd39tf_8A==
expires: Thu, 28 Nov 2024 12:33:46 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
197 B 43ms
40ms XHR
text/html 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://assets.sentinelone.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 6si.min.js Show response
j.6sc.co/ 66 KB
162 B 47ms
44ms Script
application/javascript 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4d3dab569c7b9e24ba3484873769a6b4a34bd3ab4ef6ff53b1c5a5c60f7d5663

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Jun 2024 00:42:44 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "666b9204-10980"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 18315
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 156ms
155ms Script
application/javascript 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-13115870

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

852463198b95c048fb575fc626e99e274f9bacefc67f513a451afed5f56bd5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77885
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H3 200 a.js Show response
cdn.calibermind.com/ 213 KB
59 KB 109ms
55ms Script
application/javascript 172.67.213.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calibermind.com/a.js

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0647d8975d5c92ea700e635befca523c5aac18754b8454d954909fe070e68cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 16036
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Oct 2023 19:21:52 GMT
server: cloudflare
etag: W/"651dbb50-354c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WICrMuChktbdSXlHOrCcRW8rUlwX4rFtLWW0ilgrY51do%2B916WAd5bpASN2PrWaJ1doB9eIyqw45EASfXkL%2FgngU8UQKBm6MQEkbTaApB1fCS9eW4vH2d0GoLl0KxkiNCiWjHUCX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400, stale-if-error=3600
cf-ray: 8a05935f4a612c25-FRA
priority: u=3,i=?0

GET
H3 200 identifyEmail.latest.js Show response
cdn.calibermind.com/js/ 838 B
1005 B 104ms
53ms Script
application/javascript 172.67.213.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calibermind.com/js/identifyEmail.latest.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11366
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Oct 2023 19:24:01 GMT
server: cloudflare
etag: W/"651dbbd1-346"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BmW3uvJRiMifzDRytt%2FzboO9EkMaZIIb0JnI%2FWh1zqY6rUBAEaqZLsyfaE0TKaBP%2FFVdyfRbTm78XsZPQdG2ek0MfGASz3M16RkCDPUp2AplqDWfw%2FQVEcdO8bnT3r33GH2vuBfM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400, stale-if-error=3600
cf-ray: 8a05935f4a622c25-FRA
priority: u=3,i=?0

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
8 KB 157ms
132ms Script
text/javascript 3.123.49.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.49.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-49-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f809f3c86db58eee81396ee570d2ced01fc6d91e909b49a580d46065c52ef275

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Jul 2024 04:29:54 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 141ms
141ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 137ms
137ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 137ms
137ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 138ms
138ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 137ms
136ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2

200

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.sentinelone.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.sentinelone.com%26pId%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.sentinelone.com%2526pId%253d%2524UID
https://attr.ml-api.io/?domain=www.sentinelone.com&pId=4716852149119774972

4 B
281 B

343ms
192ms

Image
application/json

2600:9000:206f:9400:5:7a81:86c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=www.sentinelone.com&pId=4716852149119774972
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Server: 2600:9000:206f:9400:5:7a81:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:55 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json
alt-svc: h3=":443"; ma=86400
content-length: 4
apigw-requestid: aoJukijGoAMESrw=
x-amz-cf-id: 5DfLOhN6x5F4P6jVoRy7YKltBLVmdIZlVrsFDvWZQA18TnxfugGJag==

Redirect headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:55 GMT
an-x-request-uuid: 321f08f6-3169-4ac4-ac86-b79e93e226d9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://attr.ml-api.io/?domain=www.sentinelone.com&pId=4716852149119774972
x-proxy-origin: 80.255.7.109; 80.255.7.109; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rt
tags.srv.stackadapt.com/ 43 B
940 B 241ms
129ms Image
image/gif 3.123.49.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.srv.stackadapt.com/rt?sid=DIQlrAikIjHHohfyFxzIrn
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.49.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-49-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-length: 43
content-type: image/gif

GET
H2 200 adsct
t.co/1/i/ 43 B
253 B 232ms
231ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=a6d11156-2e13-41b4-b582-3d191f1be691&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6fe88818-7770-43d5-9838-7e5c3559bd04&tw_document_href=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&tw_iframe_status=0&txn_id=nv1yw&type=javascript&version=2.3.30

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 185
date: Tue, 09 Jul 2024 04:29:53 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 36ef71960a01d089
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 311366bc4bcbfc6ba0c4ebdbd76be02574cea014bc2b66db63ad7dc62894dcd4
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
571 B 225ms
225ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=a6d11156-2e13-41b4-b582-3d191f1be691&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6fe88818-7770-43d5-9838-7e5c3559bd04&tw_document_href=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&tw_iframe_status=0&txn_id=nv1yw&type=javascript&version=2.3.30

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 185
date: Tue, 09 Jul 2024 04:29:54 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e3dcfe5de0e6682c
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 2c8a4e67ab2dc898f9a5a333ae237d069916c70cdfdfcb69ac8b463d4bc05823
content-length: 43

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 84ms
55ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-38175129-4&cid=2144185504.1720499394&jid=1382526156&gjid=595626910&_gid=245491309.1720499394&npa=1&_u=aEDAAUABAAAAACAAI~&z=1493530449

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://assets.sentinelone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 41ms
41ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 04:29:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 17 Oct 2024 04:29:54 GMT

GET
H2 200 658625 Show response
assets.sentinelone.com/pdf/ 8 MB
8 MB 539ms
539ms Fetch
application/pdf 52.73.194.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.sentinelone.com/pdf/658625

Requested by

Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/build/pdf.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.194.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-194-60.compute-1.amazonaws.com

Software

Resource Hash

b403ea3c3eed310e87d52fed4a2bf811798dc948cd282b98a23a4cdafdb0fac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

client-id: LB-0F405271-10546
Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.413159
date: Tue, 09 Jul 2024 04:29:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
etag: "5bed42d8299a64e2a7401d572009f1d5"
vary: Accept, Origin
content-type: application/pdf
cache-control: max-age=0, private, must-revalidate
content-transfer-encoding: binary
content-disposition: attachment; filename="chamelgang-friends-en.pdf"; filename*=UTF-8''chamelgang-friends-en.pdf
x-robots-tag: noindex, nofollow, noarchive
x-request-id: b4e7e123-277f-46b1-b611-2ba0f8eef7c4

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 725 B
711 B 115ms
45ms XHR
application/json 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Authorization: Token 8ba4c5a3fa178cfadac2b61291295db2874be830
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-6s-CustomID: WebTag1.0 3576c97e67a9b7f8553a44ff1cc54791

Response headers

x-trace-id: 3084781972781345520
date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 387

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 134ms
45ms Preflight 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://assets.sentinelone.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Tue, 09 Jul 2024 04:29:54 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a
x-trace-id: 6262370251764634384

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 134ms
46ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RB6JC05KKN&gtm=45je4730v9137561633za200&_p=1720499393522&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2144185504.1720499394&ul=de-de&sr=1600x1200&_ng=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1720499394&sct=1&seg=0&dl=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&dt=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&en=page_view&_fv=1&_ss=1&tfd=1817&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RB6JC05KKN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://assets.sentinelone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 54ms
53ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-RB6JC05KKN&cid=2144185504.1720499394&gtm=45je4730v9137561633za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RB6JC05KKN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://assets.sentinelone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 101ms
52ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-RB6JC05KKN&cid=2144185504.1720499394&gtm=45je4730v9137561633za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=340617476

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 138ms
137ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 forms2.min.js Show response
go.sentinelone.com/js/forms2/js/ Frame A1FF 199 KB
0 0ms
0ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sentinelone.com/js/forms2/js/forms2.min.js

Requested by

Host: go.sentinelone.com
URL: https://go.sentinelone.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.sentinelone.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 4587
etag: "d006e9-31b30-619b21e0856c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8a05935b5fbfaca4-TXL
expires: Tue, 09 Jul 2024 08:29:53 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 141ms
54ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38175129-1&cid=2144185504.1720499394&jid=788552435&npa=1&_u=aEDAAUAAAAAAACAAI~&z=1056322309

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 72ms
50ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38175129-1&cid=2144185504.1720499394&jid=788552435&npa=1&_u=aEDAAUAAAAAAACAAI~&z=1056322309

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 112ms
55ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38175129-4&cid=2144185504.1720499394&jid=1382526156&npa=1&_u=aEDAAUABAAAAACAAI~&z=1393967955

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 55ms
52ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38175129-4&cid=2144185504.1720499394&jid=1382526156&npa=1&_u=aEDAAUABAAAAACAAI~&z=1393967955

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
197 B 43ms
40ms XHR
text/html 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://assets.sentinelone.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 19 B
312 B 44ms
42ms XHR
text/html 2a02:26f0:480:23::1726:62a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:62a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c0ad39faea959c6452ccf07bbf3c65bf7f5e1afa8df00d05cfbb1087a8aee9ac

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://assets.sentinelone.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:92::6
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1720499394447_388391911_789843363_21_819_40_0_219";dur=1
content-length: 19
expires: Tue, 09 Jul 2024 04:29:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 125ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=307303873637462&ev=PageView&dl=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&rl=&if=false&ts=1720499394435&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720499394434.810348320316795685&ler=empty&cdl=API_unavailable&it=1720499394241&coo=false&rqm=GET

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2802, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 09 Jul 2024 04:29:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 285ms
208ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=307303873637462&ev=PageView&dl=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&rl=&if=false&ts=1720499394435&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720499394434.810348320316795685&ler=empty&cdl=API_unavailable&it=1720499394241&coo=false&rqm=FGET

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc72e9cbee7bd8640","source_keys":["1","2"]},{"key_piece":"0x716e7e3c4cc350e8","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 09 Jul 2024 04:29:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389488631040526243", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=3120, tp=-1, tpl=-1, uplat=166, ullat=0
pragma: no-cache
x-fb-debug: Jfkk1fHmltuCZ/iFf4GBsxKy84jaNYuchS3ttPmXCpxetOgYNQAI0u7iZ5RPTc0mFeixVh/OqU4Nc2i03TjdZw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389488631040526243"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

HEAD
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ 0
0 487ms
119ms Fetch
image/gif 34.236.250.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.250.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-250-134.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 04:29:54 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 725 B
710 B 58ms
44ms XHR
application/json 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Authorization: Token 8ba4c5a3fa178cfadac2b61291295db2874be830
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-6s-CustomID: WebTag1.0 3576c97e67a9b7f8553a44ff1cc54791

Response headers

x-trace-id: 7276201615091590627
date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 387

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/ea333f827b114f8cb49ce787666ea90b/ 43 B
421 B 486ms
119ms Image
image/gif 52.45.88.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/ea333f827b114f8cb49ce787666ea90b/pixel?j=1&u=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&tag=ViewContent&ts=1720499394603

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-88-24.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 04:29:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,ea5a0e0129915e61e7136e703acd50b0,10.0.0.100,10374,80.255.7.109,,260869760219,1,1720499395.080,0.001,,.,0,0,0.000,0.000,-,0,0,203,190,95,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 158ms
45ms Script
application/javascript 13.33.187.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2714452.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-19.fra60.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3e79abe3bfc4a431738eb9199cb216f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 677927
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Xcq2VFv2cnamPTj9H-3L3MkP59gGt7TfhUZchwP___MRp_ItQ7kfIQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
0 0ms
0ms Script
application/javascript 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-13115870

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

852463198b95c048fb575fc626e99e274f9bacefc67f513a451afed5f56bd5ce

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: br
last-modified: Tue, 09 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77885
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jul 2024 04:29:54 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 53ms
53ms XHR
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=391280588&t=event&ni=1&_s=1&dl=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&ul=de-de&de=UTF-8&dt=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aEDAAUABAAAAACAAI~&jid=686806918&gjid=960962950&cid=2144185504.1720499394&tid=UA-38175129-1&_gid=245491309.1720499394&_r=1&_slc=1&gtm=45He4730n71KGGXSJv71208095za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&cd1=&cd2=&cd3=&cd4=Germany&cd5=&npa=1&z=921098973

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://assets.sentinelone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 0ms
0ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2933
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Jul 2024 05:41:01 GMT

POST
H/1.1 200
OK visitWebPage
327-mnm-087.mktoresp.com/webevents/ 2 B
318 B 584ms
124ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://327-mnm-087.mktoresp.com/webevents/visitWebPage?_mchNc=1720499394658&_mchCn=&_mchId=327-MNM-087&_mchTk=_mch-sentinelone.com-1720499394657-86531&_mchHo=assets.sentinelone.com&_mchPo=&_mchRu=%2Fsentinellabs%2Fchamelgang-friends-en&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 04:29:55 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: d3b9ce86-6b8d-495a-a2ca-344d204e7153

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 130ms
129ms Stylesheet
text/css 3.123.49.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.49.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-49-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e1347bd0cacff20609ce7c2d3819bc4b7ccf067348273adf99eafa06e4ecbc93

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Jul 2024 04:29:54 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 208ms
129ms Fetch
image/jpeg 3.123.49.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.49.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-49-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Jul 2024 04:29:54 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
0 209ms
209ms Fetch
image/jpeg 3.123.49.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.49.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-49-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Jul 2024 04:29:54 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 rt
tags.srv.stackadapt.com/ 43 B
108 B 130ms
129ms Image
image/gif 3.123.49.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.srv.stackadapt.com/rt?sid=uQM497B9yR1fPnLLwZZDtK&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&t=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&tip=aqKyfTpnDymsM36OuxOcMic45g_hk_MH4mdGVMC0ZEY&l_src=&l_src_d=&u_src=&u_src_d=&shop=false
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.49.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-49-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:54 GMT
content-length: 43
content-type: image/gif

GET
H2 204 134618848.js Show response
bat.bing.com/p/action/ 0
119 B 80ms
80ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134618848.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 09 Jul 2024 04:29:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC19932DE34E4533AECB0BF1692AB2D3 Ref B: FRA31EDGE0809 Ref C: 2024-07-09T04:29:54Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 67ms
66ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618848&tm=gtm002&Ver=2&mid=f74d4c59-0be9-4385-81b7-41b9a9b3344f&sid=e40ed5a03dab11ef99627589513bdef4&vid=e40ee8d03dab11efb3db154710dc4f15&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&p=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&r=&lt=1488&evt=pageLoad&sv=1&cdb=ARoB&rn=221776

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jul 2024 04:29:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 19EBFC64F66448C6BB740F584A020232 Ref B: FRA31EDGE0809 Ref C: 2024-07-09T04:29:54Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 p Show response
e.calibermind.com/v1/ 16 B
600 B 450ms
394ms Fetch
application/json 172.67.213.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://e.calibermind.com/v1/p

Requested by

Host: cdn.calibermind.com
URL: https://cdn.calibermind.com/a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.213.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Jul 2024 04:29:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 16
x-request-id: e199f9fe-4946-45be-ac57-f34f448e2b27
server: cloudflare
access-control-max-age: 900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRn%2BnWeKSisdCL0S2FPASW6%2BzcEmZosmyQqOPv6bGjDahTSP%2BxsSIHAENGpKiAuvBZF%2F57HHBGaf3n2JqLpBlQYrWcnYEMJnGVk%2BjZT2ZpvX%2Bmoeplg%2FE2Ck58GSG%2BWkISJKbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8a0593612a501c09-FRA
access-control-allow-headers: Content-Type,Authorization
priority: u=1,i

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
41ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=391280588&t=event&ni=1&_s=1&dl=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&ul=de-de&de=UTF-8&dt=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aEDAAUABAAAAACAAI~&jid=&gjid=&cid=2144185504.1720499394&tid=UA-38175129-1&_gid=245491309.1720499394&gtm=45He4730n71KGGXSJv71208095za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&cd1=&cd2=&cd3=&cd4=Germany&cd5=&npa=1&z=800362268

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 21:19:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25841
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/970186784/ 3 KB
2 KB 151ms
80ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/970186784/?random=1720499394686&cv=11&fst=1720499394686&bg=ffffff&guid=ON&async=1&gtm=45be4730v890159661z871208095za201zb71208095&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&label=P7U6CJqLydsBEKDAz84D&hn=www.googleadservices.com&frm=0&tiba=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=721791814.1720499394&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-970186784&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

4e9f38bf8eaeb7dc2e37e4718e24a6581d707ed0c772d7ede505b1d01d20c72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1741
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CJ_1kdqPmYcDFalIHgIdep8PcA;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=721791814.1720499394;ps=1;pcor=67468211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
13115870.fls.doubleclick.net/ Frame B854
Redirect Chain

https://13115870.fls.doubleclick.net/activityi;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=721791814.1720499394;ps=1;pcor=67468211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
https://13115870.fls.doubleclick.net/activityi;dc_pre=CJ_1kdqPmYcDFalIHgIdep8PcA;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=721791814.1720499394;ps=1;pcor=67468211;uaa=;ua...

0
0

75ms
75ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://13115870.fls.doubleclick.net/activityi;dc_pre=CJ_1kdqPmYcDFalIHgIdep8PcA;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=721791814.1720499394;ps=1;pcor=67468211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9135076156za200;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-13115870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jul 2024 04:29:54 GMT
expires: Tue, 09 Jul 2024 04:29:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jul 2024 04:29:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://13115870.fls.doubleclick.net/activityi;dc_pre=CJ_1kdqPmYcDFalIHgIdep8PcA;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=721791814.1720499394;ps=1;pcor=67468211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9135076156za200;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
px4.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif
https://px4.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif&e_ipv6=AQKj204aqj4sqAAAAZCVwVnAEVN-TL9s2YdPvI0IhBI3xlkzzxzHDlEdqI-r1UFrvrPEH4k

43 B
267 B

223ms
223ms

Image
image/gif

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif&e_ipv6=AQKj204aqj4sqAAAAZCVwVnAEVN-TL9s2YdPvI0IhBI3xlkzzxzHDlEdqI-r1UFrvrPEH4k
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:55 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 87152EA691F942B688CC9BC0304D7FC9 Ref B: FRAEDGE1219 Ref C: 2024-07-09T04:29:55Z
linkedin-action: 1
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
content-type: image/gif
x-li-proto: http/2
content-length: 65
x-li-uuid: AAYcyPtJ2hay3K1/2Am8ZA==

Redirect headers

date: Tue, 09 Jul 2024 04:29:54 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 98B20F87447D479FAA0970C30F91337F Ref B: FRAEDGE1406 Ref C: 2024-07-09T04:29:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif&e_ipv6=AQKj204aqj4sqAAAAZCVwVnAEVN-TL9s2YdPvI0IhBI3xlkzzxzHDlEdqI-r1UFrvrPEH4k
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYcyPtDqbzvZnb0C1+sww==

GET
H3 200 activity;register_conversion=1;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=721791814.1720499394;ps=1;pcor=67468211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi...
ad.doubleclick.net/ 0
23 B 133ms
72ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=721791814.1720499394;ps=1;pcor=67468211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9135076156za200;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en?

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"2715936352048704169"}],"aggregatable_trigger_data":[{"filters":[{"14":["14055451"]}],"key_piece":"0xa9c44ac91964f05c","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x906927d0aa541dd5","not_filters":{"14":["14055451"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"10862695988711867601","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2715936352048704169","filters":[{"14":["14055451"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2715936352048704169","filters":[{"14":["14055451"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2715936352048704169","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2715936352048704169","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["13115870"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
231 B 81ms
77ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618848&tm=gtm002&Ver=2&mid=f74d4c59-0be9-4385-81b7-41b9a9b3344f&sid=e40ed5a03dab11ef99627589513bdef4&vid=e40ee8d03dab11efb3db154710dc4f15&vids=0&msclkid=N&el=Submit%20lead%20form&gc=USD&tpp=1&ea=resource_lead&en=Y&p=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&sw=1600&sh=1200&sc=24&evt=custom&cdb=ARoB&rn=169707

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jul 2024 04:29:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8283DABFEBC4396BEE9F61F899B0D90 Ref B: FRA31EDGE0809 Ref C: 2024-07-09T04:29:54Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 52ms
51ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-38175129-1&cid=2144185504.1720499394&jid=686806918&gjid=960962950&_gid=245491309.1720499394&npa=1&_u=aEDAAUABAAAAACAAI~&z=2089296857

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://assets.sentinelone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 54ms
52ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38175129-1&cid=2144185504.1720499394&jid=686806918&npa=1&_u=aEDAAUABAAAAACAAI~&z=583444174

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 52ms
50ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38175129-1&cid=2144185504.1720499394&jid=686806918&npa=1&_u=aEDAAUABAAAAACAAI~&z=583444174

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/970186784/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970186784/?random=387365971&cv=11&fst=1720499394686&bg=ffffff&guid=ON&async=1&gtm=45be4730v890159661z871208095za201zb71208095&gcd=13...
https://www.google.com/pagead/1p-conversion/970186784/?random=387365971&cv=11&fst=1720499394686&bg=ffffff&guid=ON&async=1&gtm=45be4730v890159661z871208095za201zb71208095&gcd=13l3l3l2l1&dma_cps=syph...
https://www.google.de/pagead/1p-conversion/970186784/?random=387365971&cv=11&fst=1720499394686&bg=ffffff&guid=ON&async=1&gtm=45be4730v890159661z871208095za201zb71208095&gcd=13l3l3l2l1&dma_cps=sypha...

42 B
64 B

53ms
53ms

Image
image/gif

142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/970186784/?random=387365971&cv=11&fst=1720499394686&bg=ffffff&guid=ON&async=1&gtm=45be4730v890159661z871208095za201zb71208095&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&label=P7U6CJqLydsBEKDAz84D&hn=www.googleadservices.com&frm=0&tiba=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&value=0&npa=1&pscdl=noapi&auid=721791814.1720499394&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIq-SN2o-ZhwMV2guiAx2nKAkgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6QWh0dHBzOi8vYXNzZXRzLnNlbnRpbmVsb25lLmNvbS9zZW50aW5lbGxhYnMvY2hhbWVsZ2FuZy1mcmllbmRzLWVu&is_vtc=1&cid=CAQSKQDaQooLuTz6vy8J7QUoea1ABPN1hzoUGHL2ZqHQmiFqh7eOSftCMcLK&eitems=ChAI8JyutAYQ3oH0h821mZw8Eh0ATv_fqdVJ0EOhiapL-fVhooe3Y6t7IM7EddsprA&random=2994720042&ipr=y

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/970186784/?random=387365971&cv=11&fst=1720499394686&bg=ffffff&guid=ON&async=1&gtm=45be4730v890159661z871208095za201zb71208095&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&label=P7U6CJqLydsBEKDAz84D&hn=www.googleadservices.com&frm=0&tiba=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&value=0&npa=1&pscdl=noapi&auid=721791814.1720499394&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIq-SN2o-ZhwMV2guiAx2nKAkgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6QWh0dHBzOi8vYXNzZXRzLnNlbnRpbmVsb25lLmNvbS9zZW50aW5lbGxhYnMvY2hhbWVsZ2FuZy1mcmllbmRzLWVu&is_vtc=1&cid=CAQSKQDaQooLuTz6vy8J7QUoea1ABPN1hzoUGHL2ZqHQmiFqh7eOSftCMcLK&eitems=ChAI8JyutAYQ3oH0h821mZw8Eh0ATv_fqdVJ0EOhiapL-fVhooe3Y6t7IM7EddsprA&random=2994720042&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 213 B
411 B 130ms
129ms XHR
text/plain 3.123.49.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=_Cv1ULrV9dssq6yGX6-Dzw&is_js=true&landing_url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&t=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&tip=aqKyfTpnDymsM36OuxOcMic45g_hk_MH4mdGVMC0ZEY&host=https%3A%2F%2Fassets.sentinelone.com&sa_conv_data_css_value=%270-9f30733a-0df6-5877-793a-3df8e9a44112%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd99f30733a0df65877793a3df8e9a4411250ff076d&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIL5gLzFMPNq9k6KNcZgRKN_1fCehjKLJqFV2Kc1FThedENYBGAQgwvmytAYwAToErI9ciEIEICTfcQ.gJKj7CQT0ON7V3S%252B6u7CovywyXmC%252Fm4H2WS41JPzE%252B4&sa-user-id-v2=s%253AnzBzOg32WHd5Oj346aRBElD_B20.sbU6buoIuXA9VPZD%252BvFxbMthJaLNC7MSEqdXD4SjPK8&sa-user-id=s%253A0-9f30733a-0df6-5877-793a-3df8e9a44112.SBuF1t3w9KdaS5Lr9cb%252B%252Bk7dLL3lxc4Ioe%252BcsMf5Kdk
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.49.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-49-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8878bfedd760d2b890a0c7979d06850f45090fbcf75faa3cfae8f8787479516b

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://assets.sentinelone.com
date: Tue, 09 Jul 2024 04:29:54 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 213
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 213 B
411 B 131ms
130ms XHR
text/plain 3.123.49.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=_Cv1ULrV9dssq6yGX6-Dzw&is_js=true&landing_url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&t=Chamelgang%20%26%20Friends%20%7C%20Cyberespionage%20Groups%20Attacking%20Critical%20Infrastructure%20with%20Ransomware&tip=aqKyfTpnDymsM36OuxOcMic45g_hk_MH4mdGVMC0ZEY&host=https%3A%2F%2Fassets.sentinelone.com&sa_conv_data_Event%20Name=mkto.form.success&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd99f30733a0df65877793a3df8e9a4411250ff076d&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIL5gLzFMPNq9k6KNcZgRKN_1fCehjKLJqFV2Kc1FThedENYBGAQgwvmytAYwAToErI9ciEIEICTfcQ.gJKj7CQT0ON7V3S%252B6u7CovywyXmC%252Fm4H2WS41JPzE%252B4&sa-user-id-v2=s%253AnzBzOg32WHd5Oj346aRBElD_B20.sbU6buoIuXA9VPZD%252BvFxbMthJaLNC7MSEqdXD4SjPK8&sa-user-id=s%253A0-9f30733a-0df6-5877-793a-3df8e9a44112.SBuF1t3w9KdaS5Lr9cb%252B%252Bk7dLL3lxc4Ioe%252BcsMf5Kdk
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.49.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-49-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8878bfedd760d2b890a0c7979d06850f45090fbcf75faa3cfae8f8787479516b

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://assets.sentinelone.com
date: Tue, 09 Jul 2024 04:29:54 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 213
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 associate
jukebox.pathfactory.com/api/public/v1/page_views/ Frame 0
0 375ms
119ms Preflight 35.170.173.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views/associate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.173.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-173-60.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrf-token
Access-Control-Request-Method: POST
Origin: https://assets.sentinelone.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-csrf-token
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 09 Jul 2024 04:29:55 GMT

OPTIONS
H2 200 page_views
jukebox.pathfactory.com/api/public/v1/ Frame 0
0 374ms
120ms Preflight 35.170.173.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.173.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-173-60.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrf-token
Access-Control-Request-Method: POST
Origin: https://assets.sentinelone.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-csrf-token
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 09 Jul 2024 04:29:55 GMT

POST
H2 204 associate Show response
jukebox.pathfactory.com/api/public/v1/page_views/ 0
479 B 370ms
134ms XHR
text/plain 35.170.173.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views/associate

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.173.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-173-60.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
X-CSRF-Token: +bX1pv+Ir5gFaB/71pbgLqARqNTkaSu4G2rI/sXHQazf8dTiN8OlA2uWVceLAvMV8LMPJPVk0YY2ATBit251yg==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.013915
date: Tue, 09 Jul 2024 04:29:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-request-id: 165424bf-bd22-4895-9085-c238be85703b

GET
H2 200 sp.lite.js Show response
cdn-app.pathfactory.com/libraries/tracker/3.19.0/ 43 KB
16 KB 40ms
40ms Script
application/javascript 13.32.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/libraries/tracker/3.19.0/sp.lite.js
Requested by: Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-6.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25462e537585513efd706d55cf4cd890b30f382ab96c0f6df75c41c1095d58ed

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
date: Tue, 09 Jul 2024 03:35:15 GMT
last-modified: Wed, 03 Jan 2024 16:25:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 3290
x-amz-server-side-encryption: AES256
etag: W/"1aed05295e6c59943103b6fa7150f848"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: xFYVQiV1pDDZgg-7ABMJq8-18xgaufd3jUl8iODaaUkKjobI7z5JPQ==

POST
H2 200 page_views Show response
jukebox.pathfactory.com/api/public/v1/ 153 B
763 B 748ms
513ms XHR
application/json 35.170.173.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.173.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-173-60.compute-1.amazonaws.com

Software

Resource Hash

ef108d54169e5a50df7716b8288075cc1cd0d4a9a68d904d09f342d9a61ecbd0

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
X-CSRF-Token: +bX1pv+Ir5gFaB/71pbgLqARqNTkaSu4G2rI/sXHQazf8dTiN8OlA2uWVceLAvMV8LMPJPVk0YY2ATBit251yg==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Jul 2024 04:29:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy
content-encoding: gzip
x-request-id: 6201eb79-28fa-4332-a2ae-e71349b857d0
x-runtime: 0.392259
referrer-policy: no-referrer-when-downgrade
etag: W/"ef108d54169e5a50df7716b8288075cc"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate

GET
H2 200 link-click.js Show response
cdn-app.pathfactory.com/libraries/tracker/3.19.0/plugin/ 6 KB
3 KB 40ms
40ms Script
application/javascript 13.32.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/libraries/tracker/3.19.0/plugin/link-click.js
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/tracker/3.19.0/sp.lite.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-6.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0927046a7f82a1f6e6e48d1115be04d8e053922775f03d0fdecef3b60e92f8cb

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
date: Tue, 09 Jul 2024 03:03:49 GMT
last-modified: Wed, 03 Jan 2024 16:25:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5167
x-amz-server-side-encryption: AES256
etag: W/"312554e163da7d1fad8823ce4ad2d17c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Qx8lAiawkHLqc7F3RUqRiJq4uXefrJRU9s-XDeIKKq0K7T6l1JdCHQ==

OPTIONS
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ Frame 0
0 120ms
120ms Preflight 34.236.250.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.250.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-250-134.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://assets.sentinelone.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://assets.sentinelone.com
Access-Control-Max-Age: 5
Connection: keep-alive
Content-Length: 0
Date: Tue, 09 Jul 2024 04:29:55 GMT
Server: akka-http/10.0.9

OPTIONS
H2 200 tp2
jukebox.pathfactory.com/com.snowplowanalytics.snowplow/ Frame 0
0 283ms
120ms Preflight 35.170.173.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.173.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-173-60.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://assets.sentinelone.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 09 Jul 2024 04:29:55 GMT

POST
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ 2 B
467 B 495ms
125ms Ping
text/plain 34.236.250.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/tracker/3.19.0/sp.lite.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.250.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-250-134.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 09 Jul 2024 04:29:55 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://assets.sentinelone.com
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

POST
H2 200 tp2
jukebox.pathfactory.com/com.snowplowanalytics.snowplow/ 0
514 B 371ms
136ms Ping
text/html 35.170.173.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/com.snowplowanalytics.snowplow/tp2

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/tracker/3.19.0/sp.lite.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.173.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-173-60.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.014945
date: Tue, 09 Jul 2024 04:29:55 GMT
content-security-policy
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
x-request-id: 0e36ad7a-d355-4835-b72a-231dfcb3f0ab

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 137ms
137ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: assets.sentinelone.com
URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:29:55 GMT

GET
H2 200 8279593e-5de6-4b07-b2d3-dc1d506d9d7e.png
cdn.pathfactory.com/assets/10546/icons/714077/ 2 KB
3 KB 426ms
426ms Other
image/png 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/assets/10546/icons/714077/8279593e-5de6-4b07-b2d3-dc1d506d9d7e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fe22d6d17e767a9831a2fa3efe8f405c932e75fdfbed9c814b6c93b5c62f70c

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:56 GMT
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified: Thu, 22 Feb 2024 15:58:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256
etag: "3b9146e8fecab0ede8422fc7a23a7ea6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
content-length: 2177
x-amz-cf-id: Te2L7pO6Kb3gfCob0A0QqCOyrcA4K_D5g1X2YK6Tse5Z5PpHOsWPcg==

GET
H2 200 test Show response
cdn.abrankings.com/ 2 B
420 B 156ms
79ms XHR
application/json 2600:9000:223d:400:11:8a36:7200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.abrankings.com/test?url=https%3A%2F%2Fassets.sentinelone.com%2Fsentinellabs%2Fchamelgang-friends-en&abr_id=1280
Requested by: Host: cdn.abrankings.com
URL: https://cdn.abrankings.com/js/client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:400:11:8a36:7200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-my-header: my-header-content
date: Tue, 09 Jul 2024 04:29:56 GMT
content-encoding: gzip
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=60, public
x-amz-cf-id: icrPA9kxcSZO57DuDy8dMs7z7d-hnIfSPbdbLkzGxNp7ohBP6MkufA==

GET
H2 200 shadow.png
cdn.pathfactory.com/pdfjs/2.16.105/web/images/ 269 B
630 B 40ms
40ms Image
image/png 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/images/shadow.png
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbf63a8d99571b28313d50e1f0489655696a2ce4ed4f24bfdc09deadc8cc15c8

Request headers

Referer: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 01:29:07 GMT
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 14:27:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 11155
x-amz-server-side-encryption: AES256
etag: "ff1470fe29c003ba93ae2d1cc99b13f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 269
x-amz-cf-id: e0uBNtbi30zjhkfMCOottFBlat15n1sv3bEDoo4ZRIvzjkrFG-Jdbg==

GET
H2 200 loading-icon.gif
cdn.pathfactory.com/pdfjs/2.16.105/web/images/ 2 KB
3 KB 39ms
39ms Image
image/gif 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/images/loading-icon.gif
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655

Request headers

Referer: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 01:38:08 GMT
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 14:27:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 10309
x-amz-server-side-encryption: AES256
etag: "faa74e8c61fc64d5edb11613c7eead2c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 2545
x-amz-cf-id: ENrHwA-IX7f1TYjz74gczYTCfGpTCEeyFUoPAEfq3CScyeTKE7LOgw==

GET
H2 200 loading.svg
cdn.pathfactory.com/pdfjs/2.16.105/web/images/ 2 KB
898 B 40ms
40ms Image
image/svg+xml 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/images/loading.svg
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d6e14cf6226c74c26e2141180eadc944ef4ce8565e9b6dd2670ec202417a764

Request headers

Referer: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 04:59:39 GMT
content-encoding: gzip
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 14:27:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 84798
x-amz-server-side-encryption: AES256
etag: W/"28e82fa827563f85d2986895c1162311"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 75qaCX2nma_rtGiXZ3EF-dR50A6bOpNZfHfXuwEiu6G4x_0bQ7VGPA==

OPTIONS
H2 200 create_event
jukebox.pathfactory.com/api/public/v1/page_views/ Frame 0
0 120ms
120ms Preflight 35.170.173.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views/create_event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.173.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-173-60.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrf-token
Access-Control-Request-Method: POST
Origin: https://assets.sentinelone.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-csrf-token
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 09 Jul 2024 04:29:56 GMT

OPTIONS
H2 200 create_event
jukebox.pathfactory.com/api/public/v1/page_views/ Frame 0
0 120ms
120ms Preflight 35.170.173.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views/create_event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.173.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-173-60.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrf-token
Access-Control-Request-Method: POST
Origin: https://assets.sentinelone.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-csrf-token
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 09 Jul 2024 04:29:56 GMT

OPTIONS
H2 200 create_event
jukebox.pathfactory.com/api/public/v1/page_views/ Frame 0
0 119ms
119ms Preflight 35.170.173.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views/create_event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.173.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-173-60.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrf-token
Access-Control-Request-Method: POST
Origin: https://assets.sentinelone.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-csrf-token
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 09 Jul 2024 04:29:56 GMT

GET
H2 200 fontawesome-webfont.woff2
cdn.pathfactory.com/web-fonts/font-awesome/ 69 KB
70 KB 40ms
40ms Font
binary/octet-stream 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/web-fonts/font-awesome/fontawesome-webfont.woff2?v=4.6.1
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/web-fonts/font-awesome/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Request headers

Referer: https://cdn.pathfactory.com/web-fonts/font-awesome/font-awesome.min.css
Origin: https://assets.sentinelone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 04:43:17 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 85600
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70728
last-modified: Mon, 27 Mar 2023 14:48:48 GMT
server: AmazonS3
etag: "926c93d201fe51c8f351e858468980c3"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: QIRJFPPTHId8dXqunVf1soMcKfRkGn7UbDCwYM1NhW3XM9SlL9TKTw==

GET
H2 200 659b31f3-9b31-43cd-8474-e723b897d866.ttf
cdn.pathfactory.com/assets/2/fonts/ 64 KB
65 KB 447ms
447ms Font
application/octet-stream 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/assets/2/fonts/659b31f3-9b31-43cd-8474-e723b897d866.ttf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ba5deee5ba7db155c23554705e9b9c812389d03060531e310e9b70bc4be800b

Request headers

Referer: https://assets.sentinelone.com/
Origin: https://assets.sentinelone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:57 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 66028
last-modified: Wed, 15 Apr 2020 17:50:44 GMT
server: AmazonS3
etag: "46e967b815ca51f5f3d477f178662f51"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
access-control-allow-origin: *
cache-control: max-age=60, must-revalidate
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: NMvf5hYXZh0BOENIAr39HUZfScc1J7v1KKU2GSrS9e3iL3wMuKZmZw==

GET
H2 200 4a9450f7-309c-4bb3-8de5-f225e0d2eb95.ttf
cdn.pathfactory.com/assets/2/fonts/ 65 KB
66 KB 431ms
431ms Font
application/octet-stream 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/assets/2/fonts/4a9450f7-309c-4bb3-8de5-f225e0d2eb95.ttf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2567d7a267a93cdab7551a40a838d0057d3d02685746c445278d6de182d32c1a

Request headers

Referer: https://assets.sentinelone.com/
Origin: https://assets.sentinelone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:57 GMT
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 66804
last-modified: Wed, 15 Apr 2020 17:51:04 GMT
server: AmazonS3
etag: "b2df24321c7e2c2e59319f692de5fdee"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
access-control-allow-origin: *
cache-control: max-age=60, must-revalidate
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: I_rBw1tOZ65yayHLSHWeL8enyFMy-CZyLdRJG7_xRQBs3BCSMsEYiA==

POST
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ 2 B
467 B 122ms
120ms Ping
text/plain 34.236.250.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/tracker/3.19.0/sp.lite.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.250.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-250-134.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 09 Jul 2024 04:29:56 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://assets.sentinelone.com
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

POST
H2 204 create_event Show response
jukebox.pathfactory.com/api/public/v1/page_views/ 0
478 B 137ms
135ms XHR
text/plain 35.170.173.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views/create_event

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.173.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-173-60.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
X-CSRF-Token: +bX1pv+Ir5gFaB/71pbgLqARqNTkaSu4G2rI/sXHQazf8dTiN8OlA2uWVceLAvMV8LMPJPVk0YY2ATBit251yg==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.014615
date: Tue, 09 Jul 2024 04:29:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-request-id: a145c471-1149-4749-b3ee-847389a01e63

POST
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ 2 B
467 B 240ms
121ms Ping
text/plain 34.236.250.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/tracker/3.19.0/sp.lite.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.250.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-250-134.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 09 Jul 2024 04:29:56 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://assets.sentinelone.com
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

POST
H2 204 create_event Show response
jukebox.pathfactory.com/api/public/v1/page_views/ 0
478 B 139ms
138ms XHR
text/plain 35.170.173.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views/create_event

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.173.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-173-60.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
X-CSRF-Token: +bX1pv+Ir5gFaB/71pbgLqARqNTkaSu4G2rI/sXHQazf8dTiN8OlA2uWVceLAvMV8LMPJPVk0YY2ATBit251yg==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.015995
date: Tue, 09 Jul 2024 04:29:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-request-id: 73c9038c-8282-4539-99c3-23dc5b01006f

POST
H2 204 create_event Show response
jukebox.pathfactory.com/api/public/v1/page_views/ 0
478 B 136ms
134ms XHR
text/plain 35.170.173.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views/create_event

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.173.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-173-60.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
X-CSRF-Token: +bX1pv+Ir5gFaB/71pbgLqARqNTkaSu4G2rI/sXHQazf8dTiN8OlA2uWVceLAvMV8LMPJPVk0YY2ATBit251yg==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.013698
date: Tue, 09 Jul 2024 04:29:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://assets.sentinelone.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-request-id: 4413fa59-69a2-4ab2-a509-13462f550be8

GET
H2 200 657ac7bc-227d-49d9-812b-d0d8b7edba02.jpg
cdn.pathfactory.com/assets/10546/logos/72995/ 12 KB
13 KB 428ms
428ms Image
image/jpeg 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/assets/10546/logos/72995/657ac7bc-227d-49d9-812b-d0d8b7edba02.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b33bd69ded87fd83ee195219415d313fb34fb4a6115421e47a190b7ef515c57c

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:29:57 GMT
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified: Mon, 09 Dec 2019 04:56:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256
etag: "3a7f078baed2b49b12370ad93d8fbbf4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
content-length: 12779
x-amz-cf-id: yQHhXIT40HmMGeG_1ee-Mg6mx1a6cNXQzTxi6N8hS0U8q3lOLDr4_Q==

GET
H2 200 loading.svg
cdn.pathfactory.com/pdfjs/2.16.105/web/images/ 2 KB
0 0ms
0ms Image
image/svg+xml 13.35.58.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/images/loading.svg
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d6e14cf6226c74c26e2141180eadc944ef4ce8565e9b6dd2670ec202417a764

Request headers

Referer: https://cdn.pathfactory.com/pdfjs/2.16.105/web/viewer.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 04:59:39 GMT
content-encoding: gzip
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 14:27:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 84798
x-amz-server-side-encryption: AES256
etag: W/"28e82fa827563f85d2986895c1162311"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 75qaCX2nma_rtGiXZ3EF-dR50A6bOpNZfHfXuwEiu6G4x_0bQ7VGPA==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 138ms
138ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:29:57 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 138ms
138ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:58 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:29:58 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 140ms
140ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:29:59 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:29:59 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 136ms
136ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:30:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:30:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 139ms
138ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 04:30:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jul 2024 04:30:01 GMT

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sentinelone.com/	1970-01-21 07:30:59	Name: vid Value: c633f4bc-8b4b-4fc1-a4be-13234d28a156
.sentinelone.com/	1969-12-31 23:59:59	Name: __cfredirector_sm Value: DE
.go.sentinelone.com/	1970-01-20 21:55:01	Name: __cf_bm Value: qUBV_bWjBYoTlz7JDENylLUJ157fYIniiS5_OIdyxSA-1720499393-1.0.1.1-9si3olSawkFO.t_5trge5aHBZwCppeEAqNwXTgdVwLxUifrM1WBjANV03dp7a3hJeusvq0JAsk7Na6jKWp301Q
.sentinelone.com/	1970-01-20 21:56:25	Name: _gid Value: GA1.2.245491309.1720499394
.sentinelone.com/	1970-01-21 00:04:35	Name: _gcl_au Value: 1.1.721791814.1720499394
.sentinelone.com/	1970-01-20 21:54:59	Name: _gat_gtag_UA_38175129_1 Value: 1
.sentinelone.com/	1970-01-20 21:54:59	Name: _gat_gtag_UA_38175129_4 Value: 1
assets.sentinelone.com/	1970-01-21 07:30:59	Name: _gd_visitor Value: e3389053-bca0-4892-80bf-44232256707c
assets.sentinelone.com/	1970-01-20 21:55:13	Name: _gd_session Value: 6fd7bbfc-7204-4962-8f50-06a63a697ebb
.sentinelone.com/	1970-01-21 07:30:59	Name: _ga_RB6JC05KKN Value: GS1.1.1720499394.1.0.1720499394.60.0.0
go.sentinelone.com/	1969-12-31 23:59:59	Name: BIGipServerab14web-nginx-app_https Value: !luc0dZSczFLFFvmwZJ6CmE6tjLF6/1oc2dLET8KGDdnHrWEk0C8mZAhbvaHGlU4X8qTrCELkIQVr+o0=
.sentinelone.com/	1970-01-21 00:04:35	Name: _fbp Value: fb.1.1720499394434.810348320316795685
.linkedin.com/	1970-01-21 06:40:35	Name: bcookie Value: "v=2&981257db-3813-46c6-8b26-d8a83a7a1999"
.linkedin.com/	1970-01-21 02:14:11	Name: li_gc Value: MTswOzE3MjA0OTkzOTQ7MjswMjG5Kj1Rs+RQcosbSXMIADsijGHTTR9e3dD73yAhDZ7WJw==
.linkedin.com/	1970-01-20 21:56:25	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3286:u=1:x=1:i=1720499394:t=1720585794:v=2:sig=AQH3i5p6veqdj1B8kA8D9MFfCLfY81Z8"
.twitter.com/	1970-01-21 07:30:59	Name: guest_id_marketing Value: v1%3A172049939439659237
.twitter.com/	1970-01-21 07:30:59	Name: guest_id_ads Value: v1%3A172049939439659237
.twitter.com/	1970-01-21 07:30:59	Name: personalization_id Value: "v1_6Pp6AA5zpvuffKLoT6x+vw=="
.twitter.com/	1970-01-21 07:30:59	Name: guest_id Value: v1%3A172049939439659237
.t.co/	1970-01-21 07:30:59	Name: muc_ads Value: 33bd751c-07ae-4532-b104-dd70c76bd6b2
tags.srv.stackadapt.com/	1970-01-21 06:40:35	Name: sa-user-id Value: s%3A0-9f30733a-0df6-5877-793a-3df8e9a44112.SBuF1t3w9KdaS5Lr9cb%2B%2Bk7dLL3lxc4Ioe%2BcsMf5Kdk
.srv.stackadapt.com/	1970-01-21 06:40:35	Name: sa-user-id Value: s%3A0-9f30733a-0df6-5877-793a-3df8e9a44112.SBuF1t3w9KdaS5Lr9cb%2B%2Bk7dLL3lxc4Ioe%2BcsMf5Kdk
tags.srv.stackadapt.com/	1970-01-21 06:40:35	Name: sa-user-id-v2 Value: s%3AnzBzOg32WHd5Oj346aRBElD_B20.sbU6buoIuXA9VPZD%2BvFxbMthJaLNC7MSEqdXD4SjPK8
.srv.stackadapt.com/	1970-01-21 06:40:35	Name: sa-user-id-v2 Value: s%3AnzBzOg32WHd5Oj346aRBElD_B20.sbU6buoIuXA9VPZD%2BvFxbMthJaLNC7MSEqdXD4SjPK8
tags.srv.stackadapt.com/	1970-01-21 06:40:35	Name: sa-user-id-v3 Value: s%3AAQAKIL5gLzFMPNq9k6KNcZgRKN_1fCehjKLJqFV2Kc1FThedENYBGAQgwvmytAYwAToErI9ciEIEICTfcQ.gJKj7CQT0ON7V3S%2B6u7CovywyXmC%2Fm4H2WS41JPzE%2B4
.srv.stackadapt.com/	1970-01-21 06:40:35	Name: sa-user-id-v3 Value: s%3AAQAKIL5gLzFMPNq9k6KNcZgRKN_1fCehjKLJqFV2Kc1FThedENYBGAQgwvmytAYwAToErI9ciEIEICTfcQ.gJKj7CQT0ON7V3S%2B6u7CovywyXmC%2Fm4H2WS41JPzE%2B4
.sentinelone.com/	1970-01-21 06:40:35	Name: ajs_anonymous_id Value: 72d356bb-8501-4dce-bb7a-1357797980a2
.sentinelone.com/	1970-01-21 07:30:59	Name: _ga Value: GA1.2.2144185504.1720499394
.sentinelone.com/	1970-01-20 21:54:59	Name: _gat_UA-38175129-1 Value: 1
.sentinelone.com/	1970-01-21 07:30:59	Name: _mkto_trk Value: id:327-MNM-087&token:_mch-sentinelone.com-1720499394657-86531
assets.sentinelone.com/	1970-01-21 06:40:35	Name: sa-user-id Value: s%253A0-9f30733a-0df6-5877-793a-3df8e9a44112.SBuF1t3w9KdaS5Lr9cb%252B%252Bk7dLL3lxc4Ioe%252BcsMf5Kdk
assets.sentinelone.com/	1970-01-21 06:40:35	Name: sa-user-id-v2 Value: s%253AnzBzOg32WHd5Oj346aRBElD_B20.sbU6buoIuXA9VPZD%252BvFxbMthJaLNC7MSEqdXD4SjPK8
assets.sentinelone.com/	1970-01-21 06:40:35	Name: sa-user-id-v3 Value: s%253AAQAKIL5gLzFMPNq9k6KNcZgRKN_1fCehjKLJqFV2Kc1FThedENYBGAQgwvmytAYwAToErI9ciEIEICTfcQ.gJKj7CQT0ON7V3S%252B6u7CovywyXmC%252Fm4H2WS41JPzE%252B4
.sentinelone.com/	1970-01-20 21:56:25	Name: _uetsid Value: e40ed5a03dab11ef99627589513bdef4
.sentinelone.com/	1970-01-21 07:16:35	Name: _uetvid Value: e40ee8d03dab11efb3db154710dc4f15
.bing.com/	1970-01-21 07:16:35	Name: MUID Value: 383E295A4F6062A820C43DED4ECC6395
.doubleclick.net/	1970-01-20 22:38:11	Name: ar_debug Value: 1
.sentinelone.com/	1970-01-21 06:40:35	Name: _hjSessionUser_2714452 Value: eyJpZCI6IjJiNmE3YmQ4LTJmMmQtNTY4OS1iMWFlLWQzMTY1NjdhMjNhZiIsImNyZWF0ZWQiOjE3MjA0OTkzOTQ4ODEsImV4aXN0aW5nIjpmYWxzZX0=
.sentinelone.com/	1970-01-20 21:55:01	Name: _hjSession_2714452 Value: eyJpZCI6IjhiYzcyZGEwLTM3YjYtNDUwNC04ZTRjLTAwOTdmNjAwZGI3NyIsImMiOjE3MjA0OTkzOTQ4ODEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.doubleclick.net/	1970-01-21 02:14:11	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 07:16:35	Name: IDE Value: AHWqTUlT7zOH9iMhnDKFS6zjFMOR59ksrGmkwwZSG9ZGn1_zMO6qqW55kkf2Ki_1
.adnxs.com/	1970-01-21 00:04:35	Name: XANDR_PANID Value: 60y6KGQH0ppmhR8TnJI-pF1WYRfKaazhGivcrNj2oS9x8MAJ8ns0IDM5mbLNCLCLZ9XQyztqTbTnWodsw2PvqtjnSGyA6glxY9XyjTXoDxk.
.adnxs.com/	1970-01-21 07:30:59	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:04:35	Name: uuid2 Value: 4716852149119774972
.sentinelone.com/	1970-01-20 21:55:01	Name: _pf_ses.45f0 Value: *
.sentinelone.com/	1970-01-21 07:30:59	Name: _pf_id.45f0 Value: c633f4bc-8b4b-4fc1-a4be-13234d28a156.1720499395.1.1720499397..23760d48-4e97-477f-b63f-c85d95831dba..b112046f-2d7a-4300-817d-373f59abcb90.1720499395098.4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://assets.sentinelone.com/sentinellabs/chamelgang-friends-en Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13115870.fls.doubleclick.net
327-mnm-087.mktoresp.com
a.quora.com
ad.doubleclick.net
analytics.twitter.com
assets.sentinelone.com
attr.ml-api.io
b.6sc.co
bat.bing.com
c.6sc.co
cdn-app.pathfactory.com
cdn.abrankings.com
cdn.calibermind.com
cdn.pathfactory.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
de.sentinelone.com
e.calibermind.com
epsilon.6sense.com
go.sentinelone.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
jukebox.pathfactory.com
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.analytics.google.com
s.ml-attr.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
spcollector.pathfactory.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tags.srv.stackadapt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.sentinelone.com
104.102.38.132
104.17.24.14
104.17.71.206
104.244.42.3
13.107.42.14
13.248.142.121
13.32.99.6
13.33.187.19
13.35.58.113
142.250.181.230
142.250.184.195
142.250.185.130
142.250.185.132
142.250.185.194
142.250.186.166
146.75.120.157
162.159.153.247
172.217.18.104
172.67.213.149
172.67.74.101
18.66.102.53
192.28.144.124
2001:4860:4802:34::36
2001:4860:4802:38::178
216.239.34.178
2600:9000:206f:9400:5:7a81:86c0:93a1
2600:9000:223d:400:11:8a36:7200:93a1
2620:12a:8001::2
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:830::2008
2a00:1450:400c:c06::9a
2a02:26f0:3500:10::210:a9a
2a02:26f0:480:23::1726:62a7
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::649
3.123.49.56
34.236.250.134
35.170.173.60
37.252.171.21
52.45.88.24
52.73.194.60
68.67.153.60
93.184.221.165
95.101.111.184
007cd3d0cc0338034fa0194165aa8c5c80bee9be0eb86f8b568ad864553787f0
025b00b18ed3b9e5750249f7952094f686ba95650530df54771370bde96be1c4
0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88
0927046a7f82a1f6e6e48d1115be04d8e053922775f03d0fdecef3b60e92f8cb
14b6cfd9b2a41bf5ee498086b1fbe2e8a31b1f99d5e040d55bdbe2d95702b6ac
158139ca63eff0371f51bcf54c258a8a4fc031037f3eb7601a21056927840a9d
1605c9fa02c8ef1c9335791a6cf685d63619cca122bd936f5042415b2f38b17b
1ba5deee5ba7db155c23554705e9b9c812389d03060531e310e9b70bc4be800b
1fe22d6d17e767a9831a2fa3efe8f405c932e75fdfbed9c814b6c93b5c62f70c
25462e537585513efd706d55cf4cd890b30f382ab96c0f6df75c41c1095d58ed
2567d7a267a93cdab7551a40a838d0057d3d02685746c445278d6de182d32c1a
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27fadbd5f0a5ae4a7a75867bf41ec216ce8cc4f824d6cacac6af71ce2c983a35
31511c3fc79860742c2a0f8bbddc58293d8a42e37c7c15e2202470723facc6f6
36ac4761ddf7b0054378c120e0f406e3634ed8eb1a1a5187c64943efc43a17d1
417ade7c3f236689b04b450648c44f2fdc377aa208534400cec4fa7af8564f5b
41dd35f9e13c7e19e61ea5902ad39f4d59dd2bbb13732e50a6a33b5e14e8db88
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655
49744250970bf1de3fb8cb2c643bb19f5c36e642f24d7aabafb16d7f68bd77db
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d3dab569c7b9e24ba3484873769a6b4a34bd3ab4ef6ff53b1c5a5c60f7d5663
4e9f38bf8eaeb7dc2e37e4718e24a6581d707ed0c772d7ede505b1d01d20c72f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5453090a53339782eb46c42e15f028cdeaae04e41296a506a2c85bca8a70e4e6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
58112726cdedca894ece97c82f091241d25fef9d223c565e1136792db84f6e00
5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
64d117a5cdaf7b8aa3bc5ff1abeec0e1d98b834782d49f34260c4e1ecc7ec4c2
66f8043d563550a1fba21d7bda97fefa112ee286c1371c4cbc36b6c3186f4994
6782c26e66d8abbe5816cd0222f41c431399582ce9b59805bffda7572e7ba288
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
70d586636c4367496ac0bd97e3cda9de1ae6b93a370827e411fc30ded33146ee
7d6e14cf6226c74c26e2141180eadc944ef4ce8565e9b6dd2670ec202417a764
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852463198b95c048fb575fc626e99e274f9bacefc67f513a451afed5f56bd5ce
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
881896b15b290db29b27141d281f464e0a9955ba6e165ff4af1d87d7eeaeedea
8878bfedd760d2b890a0c7979d06850f45090fbcf75faa3cfae8f8787479516b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
92ce1c889d8c2e068cf48961ed3598d0df0bc9704fb3e7bdf5f585eb3238c357
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
a05f76347e497e82410f36908364c4a8e112e3b7fb54cece2a4181eec39aa407
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3dec4cdbb1b85111a2c2d680f8a44a8aa4b46832aaf839a0b63437bd58a5f96
a3e647bd139028a8b14cd0c42545d61fe316a4a42436a5602b44df99d8d416f3
a72b21eaf2bbeed38e6fb26a5d10a964b3ec90a45a0c77cbbf5415c27fa07446
a8b80246d1aa2496069cf9067fb3e3dc14c714155a24924a2e3a52f098325646
a97bc8ec679a82ec782bd76c7302c0ca394c1ad672450f86f87bee5e0ec06b19
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1f112a5b8bad147ebed841380bd82c9d5368abdb87b17509f9357c8e3b318ba
b33bd69ded87fd83ee195219415d313fb34fb4a6115421e47a190b7ef515c57c
b403ea3c3eed310e87d52fed4a2bf811798dc948cd282b98a23a4cdafdb0fac6
b57fbbfcd201942da953651e360bd586ca15ea05a708eb10b95f0dd4acd65b64
b6062a74eb4c0366e9c2dd404c0c8393664271192ea5fa5cfd7f7860cbdc7ba6
b7f1579d23180ed58215bcaa5cb8b904135286a0be9e5ddd9aa6fb64f0e8e407
bbc6fadfdb36d9fb032abee504d9e22cf933e7551d69cd01ec6c91ebd8758659
bbf63a8d99571b28313d50e1f0489655696a2ce4ed4f24bfdc09deadc8cc15c8
c0ad39faea959c6452ccf07bbf3c65bf7f5e1afa8df00d05cfbb1087a8aee9ac
c541f4e34e09830e472235905ee1e6a3b32dcc90ce831181c71aecdac3e48573
c8d849bf74b31aab13e3cf584d4bf4bb6e39a04c65c21dce38a8c0440adcd182
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c
d0647d8975d5c92ea700e635befca523c5aac18754b8454d954909fe070e68cc
d23d57d3e20ead100b617ecdd2ba95dc793010d5556a866a16a1fb1b45975d52
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98
d469032c5b6c6f19447cba65d7669c2f646f790701cdd057c7edb2ff2b852353
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e105ac63de9df1869dea83da53cb2eb51e6a2772646c1c03819a4d824a3e2638
e1347bd0cacff20609ce7c2d3819bc4b7ccf067348273adf99eafa06e4ecbc93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef108d54169e5a50df7716b8288075cc1cd0d4a9a68d904d09f342d9a61ecbd0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f809f3c86db58eee81396ee570d2ced01fc6d91e909b49a580d46065c52ef275
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

assets.sentinelone.com Open in urlscan Pro 52.73.194.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

156 Requests

97 %HTTPS

30 %IPv6

30 Domains

47 Subdomains

42 IPs

5 Countries

10540 kBTransfer

16898 kBSize

46 Cookies

2 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

assets.sentinelone.com Open in urlscan Pro
52.73.194.60 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

97 %
HTTPS

30 %
IPv6

30
Domains

47
Subdomains

42
IPs

5
Countries

10540 kB
Transfer

16898 kB
Size

46
Cookies

156 HTTP transactions
0 data transactions