www.secureblink.com Open in urlscan Pro
2600:9000:2003:5c00:f:f6ee:b780:93a1  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
29 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Show response www.secureblink.com/threat-research/	185 KB 36 KB	585ms 566ms	Document text/html	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Next.js Resource Hash a10bedeeee78e481f00acbd155fdb842f0457839faa7ee9a376ea5d2c13276db Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control private, no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Tue, 05 Dec 2023 09:23:12 GMT etag "sv7e7cc11e42jn" server CloudFront vary Accept-Encoding via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) x-amz-cf-id OdJEw0ws6RBjpUQmd5GWqS6Tcmb2GVBTSVpoNW2USxzdQBgaDx5b9g== x-amz-cf-pop SIN2-C1 x-cache Miss from cloudfront x-powered-by Next.js
GET H2	200	1fdf5d0cfce7365d.css www.secureblink.com/_next/static/css/	87 KB 14 KB	23ms 22ms	Stylesheet text/css	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 6f30e6afe26e0f04d65039e0375e3041a509b93a9c0d4688fc4871f3779595e2 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag W/"9900b66d5934be65653e5766a9e0cfee" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control public, max-age=31536000, immutable x-amz-cf-id VcGjQLF7NFhdriGTxVGU9bXVLU2oNSJjz7NUhODKQnWlZMGsj3rMzw==
GET H2	200	2b5e6e2abfed2b04.css www.secureblink.com/_next/static/css/	20 KB 4 KB	18ms 18ms	Stylesheet text/css	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/css/2b5e6e2abfed2b04.css Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash f01326705cce06d933ccb8e656cd9cfc76d2cbc70bf5f4cadc19fae07dd0fde8 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag W/"fd62b4548521204a3c4d535897fc5931" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control public, max-age=31536000, immutable x-amz-cf-id dO9yks7thEDO8A8mhiQc-pGXroibeEmf4hoI8h0OMz4MQpJDn9PDLA==
GET H2	200	widget.js Show response www.gartner.com/reviews/public/Widget/js/	9 KB 3 KB	209ms 15ms	Script application/javascript	13.33.88.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gartner.com/reviews/public/Widget/js/widget.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-121.sin2.r.cloudfront.net Software Apache / Express Resource Hash 6337931044ffad3ef0a3b4382b0f098e7c242d5b1ce424b0ee88f2d0daf1f474 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 57441ee201b6bfb8ff8be48f8e002574.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 12 x-powered-by Express x-cache Hit from cloudfront last-modified Mon, 04 Dec 2023 09:24:54 GMT server Apache etag W/"231f-18c34251270" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes x-amz-cf-id XV-hJo8ZSDJLQ5S5BX5dW5vkjaxqKOFYOrlYRuDbyojdOIhysYdS9Q==
GET H2	200	webpack-b980de514a916915.js Show response www.secureblink.com/_next/static/chunks/	2 KB 1 KB	26ms 20ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/chunks/webpack-b980de514a916915.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 0bdf12ca5f13831c3d1e2b2ad427f75fe2a7ac4ecc3f5d5173d950b1539fe77d Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 12 etag W/"0c3f91d300e45055b786eaaea7eead00" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id qLMpFAckt3gEKSmk3jmZCKjOrMxiLbs2PbCFcnh_PQ-jNdX_waIgqA==
GET H2	200	framework-73b8966a3c579ab0.js Show response www.secureblink.com/_next/static/chunks/	138 KB 45 KB	30ms 24ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/chunks/framework-73b8966a3c579ab0.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash ad2aa3ac062cdef13af1c2e28c6e95e36732484bd756fb6194a105b61af7c057 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag W/"c0d21cf3be111341cb36153ec9177e9a" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id OKDs_iG9c-lkFLOABTLDHlzGkvCoJzLGq_IAq5Ncoq8cByGPtcVTGg==
GET H2	200	main-515dc100d4cac93d.js Show response www.secureblink.com/_next/static/chunks/	88 KB 27 KB	47ms 42ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/chunks/main-515dc100d4cac93d.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash d4b03c668089d66bfd6cf69c28c32c0f2f05816cc10f7b5652cccba3ab6a9528 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag W/"7bd6cab64cea737ad0605a1a84721652" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id 1eFWfLmEarUyxOjl6u_qKUr-ECcEHIUnnYJwD1Xq8VK7P0vQb0XGuQ==
GET H2	200	_app-6a1b5335006f31e0.js Show response www.secureblink.com/_next/static/chunks/pages/	773 KB 234 KB	56ms 51ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/chunks/pages/_app-6a1b5335006f31e0.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 1f7f8bbfa50bbe143454bec1478cd4afc56f2d62d66ae5adecda2adad8bc026d Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag W/"609a6b9660f73735dc264640670d87f3" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id OS1qYMbUVV8-6yhVUcetakOUUq46CsM0EUlTDYyDPmMBsqZt1P_bBw==
GET H2	200	791-0b2baff52d565b22.js Show response www.secureblink.com/_next/static/chunks/	10 KB 4 KB	101ms 96ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/chunks/791-0b2baff52d565b22.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 24a786af8c06055281fa48b0f26eb065a217321650eb23f0325708bfa6286945 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 12 etag W/"bdd469cd288b58fedb03a6027a77e521" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id -IEqgLwPY7hArvFxvUDWukII3WeedbnLlO6RhA49l2HzSJJRkJeavg==
GET H2	200	116-7bf4104c847b33d2.js Show response www.secureblink.com/_next/static/chunks/	129 KB 40 KB	111ms 107ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/chunks/116-7bf4104c847b33d2.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash ccb82f0d37474022f50f526fa1b25f5973bb64c90a021dd2a8da4ae464be27de Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:02 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag W/"ce6e38940fb347f423a532effbd5de9c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id 6b_9ryFp9mAXR-z0RWQckm1E-I1C3PEnaGZ82mGIBSa184LZ38tzjQ==
GET H2	200	756-3093c07826356e6b.js Show response www.secureblink.com/_next/static/chunks/	30 KB 10 KB	122ms 118ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/chunks/756-3093c07826356e6b.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash b93880dc93e31323a2283ea3cd102b24a18768b55240aa561458dd1b1e5d8f0e Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 12 etag W/"7c99732927d23bd76fd74cd8a3598884" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id 1-vPJXXIs3jKtUtDgeGmMAGAoWPsI4iARCAGKEfikmK9_P7KQFGqug==
GET H2	200	637-d68a3a81bd2cd19f.js Show response www.secureblink.com/_next/static/chunks/	910 KB 289 KB	123ms 119ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/chunks/637-d68a3a81bd2cd19f.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash f0fc9c3cedc9ef993dc0d2b909a04b510969f41cc17fc121279b985b6c6935ed Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 12 etag W/"18e32a55a139b3d9ca5dd3d5dcb6dacb" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id uCgYnYR1EusWjCEQ452A0cFNTcTWfDOIZzyJOmNrECPNfdld9J7sXQ==
GET H2	200	564-bd2ef51eaa7dc4b4.js Show response www.secureblink.com/_next/static/chunks/	37 KB 9 KB	204ms 201ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/chunks/564-bd2ef51eaa7dc4b4.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 1f9fbb5101634bd6d4ef17371bed6e8aea38867abf30a856285346bf7e31b9c5 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 12 etag W/"517abd99336a49e7c955b190ad15a18c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id BjAU68f3OAcIPvKw1PgFv6Sopkf4xMJ5dCCgWqN7ip80VlSuX6rBlQ==
GET H2	200	394-68a45d35505dd674.js Show response www.secureblink.com/_next/static/chunks/	11 KB 4 KB	207ms 204ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/chunks/394-68a45d35505dd674.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 23a4c3f3094f38e4b8938cf7b500fb78997e6e4db962ed6db390f3e3721d5866 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 12 etag W/"505d30c5acda25c249a9f0021634acd0" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id sQ1-aqS5jMuiXHXo8I8E62paTs_k8AcRuoflix1c2Vn-y7ZPkqhYdw==
GET H2	200	%5BresearchId%5D-62bc215ab5e2a725.js Show response www.secureblink.com/_next/static/chunks/pages/threat-research/	1 KB 1020 B	231ms 228ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/chunks/pages/threat-research/%5BresearchId%5D-62bc215ab5e2a725.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 55bf279779402f7163e724b8a841148c7cbac41563160ec69d6ea0ee12fa722a Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 12 etag W/"b9bf522fbd914b55ee23b81b39286fe4" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id _YolVKw3ZKPQJDuU806Q9edRaqJ_XSpcpB970J6LBj4-pCxGS9Zziw==
GET H2	200	_buildManifest.js Show response www.secureblink.com/_next/static/X0nVLWXNwo2GXjvcyJeZl/	4 KB 2 KB	234ms 232ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/X0nVLWXNwo2GXjvcyJeZl/_buildManifest.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash c247d13c817254c000c772400bc5a3019d4e77b3205857b544e2c11f1d5b68a6 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 12 etag W/"1d62ace8ee61fd949394a906098734d1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id kqW_uB665xMmuQhwc9n7L7IcERHm7pR9jXbqtqr7_n_E-nvO5KvKCA==
GET H2	200	_ssgManifest.js Show response www.secureblink.com/_next/static/X0nVLWXNwo2GXjvcyJeZl/	77 B 447 B	235ms 233ms	Script application/javascript	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/X0nVLWXNwo2GXjvcyJeZl/_ssgManifest.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag "b6652df95db52feb4daf4eca35380933" x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000, immutable accept-ranges bytes content-length 77 x-amz-cf-id L4VlEudZh3v-D--rjSgSjvFOOibhtpIFEurFJgTGwnlycv19-xtc_Q==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 55 KB	97ms 37ms	Script application/x-javascript	2a03:2880:f00c:300:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 05 Dec 2023 09:23:13 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints coep_report="https://www.facebook.com/browser_reporting/?minimize=0" pragma public x-fb-debug MFHr3oPZyFgSFCWjdxX9AZ7JXDHozQCns/sap9DCbwtTx0n6O796339v6hGApvT7oJjq3O96hcQLcwpoTdl9mg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 x-fb-optimizer 0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET DATA	200 OK	truncated /	80 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3a9f8e650b51d512cf8d76da6503cf1c53206724b70a30a065fcdc21a59a01af Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 85acc6c36233b1a522c3bf79f4fc2e9e8fe8c7592f49c6ee0406f5845126e4d9 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	79 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6817e724625ff4de38386452ad13bea3efa8ae16d77595e827a6eb1741121295 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b80d5bf641da1c7ad65be190f6b2ff399d289a1f77d5445fd26c0b2c9a28f6b0 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 206e6db42e3b85a814400228d84d0dff5b104e8e17f4e04bbb533c91ed17fc5f Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65fbebee840bb3f7de14a72a96151ce4dfbbcb1164494a3f035b201d10fab9a9 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e59c11a3bd20b8bb350ca569de5f7010d57444190e7ee00bf6361ba3f55a1bf6 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a7cc49ebd1e350c00a18738cedce006dd29f5a69264bc420cb2305f1be231e47 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 19105de8d21149a7136937f35081f83a5cd6e73dc394e7d356c03ec49d3db743 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 87338596f64575f1e37d77bef690584841938d743265728c459f43de76d96d51 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash acf825b9c039602b4b1cca77d497695253d67f12a8f0b4a0f3c770ed1c9346f6 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c8c74f0e5441369a10740320299041856012fd4a0f028fd4f06c9d2e55866a45 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 197e39161a46a30494ee9ba3cb0e80aeb3617be5763947a1e5adb2fcc00be2df Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f9c1262b250b5ecd972a9cda7498c1461af814ab2c52b19ace8c3be78dfca24a Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d13be8fc6203c922627a56158c7744f0920f2402fdcac95a37fa40778b5f66af Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	80 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8bca80e4cdf88e5f206b8154d9bf30e7d56c6956c5ff93e3deb1d6466eff9253 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 071d0c661e65aeb22df55ffa361ca35be52f6e71bc71c63175dbc5434ad4d7b0 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 21740a7be0698666aa1644259ebeea93df405ee9e6a59e331e6dbd032b8b97f3 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3cad85aab11a4c3cb1aadffb51aed5c68dbddea9dd53606b2c9518ac038cd77a Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b79e7bc553c86f6f5a6ac50e7bce7ac8694f230e467cd01fda6ac4746c00a8dd Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ae0137129daf0f68563b6193eef0d5bd3d8eaadacfb17619b366e90dc4e0052d Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	sofia-pro-regular.woff www.secureblink.com/fonts/sofia/	65 KB 65 KB	569ms 558ms	Font font/woff	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/fonts/sofia/sofia-pro-regular.woff Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash bfa63386ad0cf4c2f6bc910b7c925b2ced1f1c11b00c397c17ec4a6c1886e181 Request headers Referer https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Origin https://www.secureblink.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:13 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:30 GMT server CloudFront x-amz-cf-pop SIN2-C1 etag "57e587829a83f0fa20da5912a0c80c0d" x-cache Miss from cloudfront content-type font/woff cache-control max-age=5, stale-while-revalidate accept-ranges bytes content-length 66308 x-amz-cf-id VbjMlBLgTyvbVle5c4TeKJEIEiUTrQaI8PG5L4vZoCi6q7kLuq0FXA==
GET H2	200	sofia-pro-semibold.woff www.secureblink.com/fonts/sofia/	66 KB 67 KB	601ms 592ms	Font font/woff	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/fonts/sofia/sofia-pro-semibold.woff Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash d7e1be04f4bf38e0046e78906d1f50488702ae4320d8019c95715ab89409d786 Request headers Referer https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Origin https://www.secureblink.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:13 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:30 GMT server CloudFront x-amz-cf-pop SIN2-C1 etag "fadc25eb12d788a95d9e344b64d700cc" x-cache Miss from cloudfront content-type font/woff cache-control max-age=5, stale-while-revalidate accept-ranges bytes content-length 67988 x-amz-cf-id mwcyZ3TEQZo9kT-Umg5cqCzbtKYr-hax5yELomdlP6fdE35jN2iZew==
GET H2	200	sofia-pro-light.woff www.secureblink.com/fonts/sofia/	63 KB 64 KB	429ms 421ms	Font font/woff	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/fonts/sofia/sofia-pro-light.woff Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash eeb185980854d9fbe5d12f1251d6d09dcd0226179f72e12feab2d8d5bd664b72 Request headers Referer https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Origin https://www.secureblink.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:13 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:30 GMT server CloudFront x-amz-cf-pop SIN2-C1 etag "cd063f4926c949e0dc5e9aa32bb974bb" x-cache Miss from cloudfront content-type font/woff cache-control max-age=5, stale-while-revalidate accept-ranges bytes content-length 64624 x-amz-cf-id SFURGeMZwGLdLZE67DzoxqjApQE6RY11voQclk_RMr5Af5jYwdvCjg==
GET H2	200	futura-pt-demibold.woff www.secureblink.com/fonts/futura/	71 KB 71 KB	446ms 438ms	Font font/woff	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/fonts/futura/futura-pt-demibold.woff Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 750ebe211a704cef05c8169549f1d2650850c898854205742f1da47888e0ee20 Request headers Referer https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Origin https://www.secureblink.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:13 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:30 GMT server CloudFront x-amz-cf-pop SIN2-C1 etag "202fb753da68f923a0ed47078847b412" x-cache Miss from cloudfront content-type font/woff cache-control max-age=5, stale-while-revalidate accept-ranges bytes content-length 72656 x-amz-cf-id gnov3lX-ol8ivhDMl6T0tCqHgWnicfhuc0BGGZrFviGwW_DgjUhtHg==
GET H2	200	futura-pt-book.woff www.secureblink.com/fonts/futura/	69 KB 69 KB	473ms 465ms	Font font/woff	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/fonts/futura/futura-pt-book.woff Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash dc102135dfc16a1665f396da93faba2bff0507e53610c74dd5f7d14545cf607b Request headers Referer https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Origin https://www.secureblink.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:13 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:30 GMT server CloudFront x-amz-cf-pop SIN2-C1 etag "3a3dd4201997134be1eb9329c240c363" x-cache Miss from cloudfront content-type font/woff cache-control max-age=5, stale-while-revalidate accept-ranges bytes content-length 70208 x-amz-cf-id kuTxssSgQBQIQC8x5wv22WdIGzT0DO5kRhFejxJYokF7oxhVls4SUA==
GET H2	200	sofia-pro-bold.woff www.secureblink.com/fonts/sofia/	66 KB 66 KB	535ms 528ms	Font font/woff	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/fonts/sofia/sofia-pro-bold.woff Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 4eebc82b060d771c4de6e76e88a75059fcaa74c7ae96c6e1c14e160ddd722a22 Request headers Referer https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Origin https://www.secureblink.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:13 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:30 GMT server CloudFront x-amz-cf-pop SIN2-C1 etag "74ac1dc21ca9d013b5c5419c7d38ff0f" x-cache Miss from cloudfront content-type font/woff cache-control max-age=5, stale-while-revalidate accept-ranges bytes content-length 67356 x-amz-cf-id kMDMpjb26iG08RLDzZnrZPoH1HtNg9N-aZWpSojnm-oTO7FYlmpqjg==
GET H2	200	image www.secureblink.com/_next/	14 KB 14 KB	163ms 156ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2Fimages%2Fsecurity-bottom-bg.png&w=1920&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 0a366aa13d38e29806a4d5cb452e809681a055d2e9d43596e187fddf35e6386b Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:02 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag 101-EzvrQCXPdVpXYVahI02SJ17Y/qs vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=60, stale-while-revalidate content-length 14184 x-amz-cf-id hQo-XOyETxGwMqpiHcheIg2E32vysJ_JiD5RKMtr9-HmSlRqKTrn1Q== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	15 KB 15 KB	170ms 164ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2Fimages%2Fcompany-logo.png&w=1920&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 6cba58fade30219ba670f485776fe275b4a041ff8c5dbd0b59bbf4a6fa406f05 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:02 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag fb-wcHyGCJhjPtQ4i8Eq/P+vwG+G4M vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=60, stale-while-revalidate content-length 15260 x-amz-cf-id k_5FrJ1n7qminLXpmIc8-VemdIu5AVRuhq-G3qmklWTkMgZEOScoHg== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	279 KB 279 KB	175ms 170ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2Fimages%2Feclipse.png&w=1080&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash c050e64ab2e5ddd828475f55500cb9edde7737eeb54fd7d38611fc7c5d533a0d Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:02 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag f6-jeJ0hnJnTGOXrk2fNxurGrFOXRg vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=60, stale-while-revalidate content-length 285350 x-amz-cf-id pJ7bmR3WygwNeF6Fmps2PEBUwc_04y5MgyfMrRqxQq8AVsFN0Jge7A== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	5 KB 6 KB	370ms 365ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2Fimages%2Fazure.png&w=640&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 3fcc98071f6495a9e384d23a6e3121649d9a9fb5730c336064c1b08e2d78c278 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:01 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag f3-u8y2FzywTnxjmmtxLg/kRDhVsAE vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=60, stale-while-revalidate content-length 5436 x-amz-cf-id bzYv2lFdQce-WMqhvW03WG6L_9opAW4zW2voMtrwtbYVkmbuSurHSA== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	2 KB 1 KB	370ms 366ms	Image image/svg+xml	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=https%3A%2F%2Fapi.producthunt.com%2Fwidgets%2Fembed-image%2Fv1%2Ffeatured.svg%3Fpost_id%3D363252%26theme%3Dlight&w=256&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash a51172bd820eefe8bcb39ff3c2123bdece518aee5a349b3e7ff680b88dda37c5 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:02 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 age 11 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=14400 x-amz-cf-id f-EsyZyA3gGU8GY1oPq9Vt-U2yAcEThE9JAIfCJ775xQgo9QKoKJsw== x-amplify-optimized true
GET H2	400	image www.secureblink.com/_next/	24 B 24 B	1403ms 1399ms	Image text/plain	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=https%3A%2F%2Fofofo.io%2Fimages%2Fofofomarketplace.png&w=256&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 8438ac9ced67053e4d5f0704490d84d955d44f73d603796a912a47551b57d873 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 x-cache Error from cloudfront content-length 24 x-amz-cf-id E3xCQWrL09yGe5Ul4FNntX3t3IsMSYdEi-5khu86Cihu-JiIc-8s7A== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	40 KB 31 KB	371ms 368ms	Image image/svg+xml	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2Fimages%2Flogo1.svg&w=96&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash b9e9c9267742b38a266baeb0646e23a5a5a0003e6bb0fe0503518dc57bd911dd Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:02 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 age 11 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=60, stale-while-revalidate x-amz-cf-id PAXCtBRtDs9zg4WTFciV_1eNC6f3CmZmQf0QhAxkqNYy0OLIUd5HLg== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	172 B 514 B	376ms 373ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2Fimages%2Ffacebook.png&w=32&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 187efaa8f9d7ba925efe91f2fa1e9d7a6dafee0258956206a6a20036b479df7e Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:02 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag f5-w3+75Y0pkNJcofC+QY1u8xhmxLc vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=60, stale-while-revalidate content-length 172 x-amz-cf-id wBra2DyS9IrQRPevTEznnyVbgewmj0f-Yq3Mi6SdOklluYM-74s0OQ== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	252 B 595 B	376ms 374ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2Fimages%2Ftwitter.png&w=32&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash ea4637a7575ae3f71fe6b2f7315874d8a7ae8b6e5a42d90f3f18c0a323138c59 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:02 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag f4-haBHbLOnPf8UfzMf8xMg9QlJ6kY vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=60, stale-while-revalidate content-length 252 x-amz-cf-id MGYliEzZxFyfc7-IVRjYVN3aJvXvYxRlww_SG-hgfxNLMnBdj3I0cA== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	188 B 531 B	376ms 374ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2Fimages%2Flinkedin-footer.png&w=32&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 5c18e7362438ba5f62be91205058fa3932404c99f8b30ddc92ba779b1771b674 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:02 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag fc-+ugBIk+UBJ6ut/ZV8B0+FepjXKM vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=60, stale-while-revalidate content-length 188 x-amz-cf-id 6D16ISjzTPCeYV8LA5nS-mEaqgg3Q-qMs1tUBz4L3wjB5Ju_W7PIPg== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	250 B 593 B	377ms 375ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2Fimages%2Ftelegram.png&w=32&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash a0cac5c2b9afd9f1b17629e88864234dc0c0dcbf9eb4bfc4c2bdaecfe222eba8 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:02 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag f5-QA68+GUEIf2hV7M/SzIRuUpioF0 vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=60, stale-while-revalidate content-length 250 x-amz-cf-id ZhyOqt3yQrN4WrFGAFupvZtznHYcM80B1Cva-AASLlaZ4EIEGpKHjA== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	250 B 592 B	377ms 376ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2Fimages%2Fyoutube.png&w=32&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 34f8c9a75b31b102c668cb0fe437113218358143be40d809f5a3c07c29c6b166 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:02 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 age 11 etag f4-IflmYNHU2j6SDQacE/X+74Mpgk0 vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=60, stale-while-revalidate content-length 250 x-amz-cf-id 909DJxqI-7hLasBCf81_-G-L7J0Ytq2iqxY6vgrJm5JrGCGwzVySfA== x-amplify-optimized true
GET H2	200	586840998618356 Show response connect.facebook.net/signals/config/	133 KB 35 KB	10ms 10ms	Script application/x-javascript	2a03:2880:f00c:300:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/586840998618356?v=2.9.138&r=stable&domain=www.secureblink.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fdbc88dee57571ffa56ac278d3e8c908829f48bb4d07542199728fe557974287 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 05 Dec 2023 09:23:13 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 35375 x-xss-protection 0 reporting-endpoints coep_report="https://www.facebook.com/browser_reporting/?minimize=0" pragma public x-fb-debug GM/yu3imTCfOI2hIz7Tj2byQ/9naZk4qmK0RaM32eWoyXx65kZNW+o7h7ki+HPhtVQmhEr94cRQGOjG+0BL3CQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	purify.min.js Show response cdnjs.cloudflare.com/ajax/libs/dompurify/2.4.3/	21 KB 8 KB	128ms 40ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/dompurify/2.4.3/purify.min.js Requested by Host: www.gartner.com URL: https://www.gartner.com/reviews/public/Widget/js/widget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 265dc9381f2b760551a12eb31f4bbc194ea6609b90fd79a59fc53cb0e1210146 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:13 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 294612 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 7628 last-modified Fri, 06 Jan 2023 14:33:26 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "63b83136-1dcc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8cV4Vg9h9AZTABlR0h0iqmbL5cC8pYZZeO1zwDXECKaiVXH0W5l5jFRsloPj6B8W8eC%2FZF146%2F2gng8mYD77lGBOSWA5hjUiN5IkyCRHcLYZ7raDrJVrVwz68zqF3kTk52%2Fw%2FtTQBHiJQW7jLXRw2K3"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 830b3aaaaa893e54-SIN expires Sun, 24 Nov 2024 09:23:13 GMT
GET H2	200	widget.css www.gartner.com/reviews/public/Widget/css/	155 KB 112 KB	64ms 63ms	Stylesheet text/css	13.33.88.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gartner.com/reviews/public/Widget/css/widget.css Requested by Host: www.gartner.com URL: https://www.gartner.com/reviews/public/Widget/js/widget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-121.sin2.r.cloudfront.net Software Apache / Express Resource Hash 48069549555730d586f6b176fcd26ebd19349e9271acdc8e0474caa15501e542 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:03 GMT content-encoding gzip via 1.1 57441ee201b6bfb8ff8be48f8e002574.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 09:29:59 GMT server Apache x-amz-cf-pop SIN2-P2 age 10 x-powered-by Express etag W/"26a81-18c3429b9d8" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes x-amz-cf-id zAFLumoVrO06KTivcfgclCMreuWSLvrX_dTi45SHNDZBO0fMGQN-yA==
GET H2	200	data Show response www.gartner.com/reviews/public/Widget/ Frame C358	34 KB 14 KB	130ms 129ms	Document text/html	13.33.88.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gartner.com/reviews/public/Widget/data?widget_id=Y2QwNTA2ZGYtNWRmNi00MjVhLTllZWEtMmUzMzk4ZjgxNDU4&size=small Requested by Host: www.gartner.com URL: https://www.gartner.com/reviews/public/Widget/js/widget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-121.sin2.r.cloudfront.net Software Apache / Express Resource Hash daaae85161500467de07c3e9d0a3793886413b48146f91b41b2f79d841162fd1 Request headers Referer https://www.secureblink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers age 10 cache-control private content-encoding gzip content-type text/html; charset=utf-8 date Tue, 05 Dec 2023 09:23:03 GMT etag W/"57f-sr923y4RyJqqcTbg3QoemUgdIRE:dtagent1024322060615355013ZP:dtagent1024322060615355013ZP" server Apache vary Accept-Encoding via 1.1 57441ee201b6bfb8ff8be48f8e002574.cloudfront.net (CloudFront) x-amz-cf-id HeKOd7Mn3GuG_ddmuwLZwGkrIXdPlvSybjZxuBqAnHJTHDjBzOgN5Q== x-amz-cf-pop SIN2-P2 x-cache Hit from cloudfront x-oneagent-js-injection true x-powered-by Express x-ruxit-js-agent true
GET H2	200	widget.js Show response assets.calendly.com/assets/external/	53 KB 19 KB	207ms 123ms	Script application/javascript	2606:4700:4400::6812:29af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.calendly.com/assets/external/widget.js Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/chunks/main-515dc100d4cac93d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb9b294b344cf47c2af14fafe8528fccc545cb25b9325802a3bd1b0696171b6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT last-modified Fri, 10 Nov 2023 20:45:26 GMT cf-bgj minify server cloudflare age 200 etag W/"3be18f0a18cf9980a421cf1577f639f4" vary Accept-Encoding content-type application/javascript content-encoding br cache-control public, max-age=300 cf-ray 830b3aaaaf003e49-SIN expires Wed, 06 Dec 2023 09:23:13 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	134 KB 51 KB	158ms 36ms	Script application/javascript	2404:6800:4003:c00::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NRLF5T7&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cfea3158095b8968edd3e370bc636e1960470fde3aac0f428b17dcafbdda9b34 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52177 x-xss-protection 0 last-modified Tue, 05 Dec 2023 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 05 Dec 2023 09:23:13 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	69ms 23ms	Script text/javascript	2404:6800:4003:c01::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/chunks/pages/_app-6a1b5335006f31e0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 83c4fc63649238e637e491b0b99fb43e67c6b0650b4963644818da011778a0e9 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:13 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Tue, 05 Dec 2023 09:23:13 GMT
GET DATA	200 OK	truncated /	80 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bc59e9e2680022e61622b7579d1fc91e5706c2f7281e22af89d83d779880c100 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	80 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b76c270d5cedcb7e67bed189d00929e37346fe8a00cd68b58fcaa3010b5886c3 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	80 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6efe95a016e670c62a56549aacff36565bf4c9ed25b036c69c31d5b703be1822 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash af144d639dc5c33722d3426bda462d68577e1c63ab319abf355da1ef73859495 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 01caedad832b59a0eef0cb3b1ff876447af8c272d7cbdc0a9728e5174448f0a7 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	80 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 473ca52b8fcb34b1904bb2a73e4852933cc7ceaf21fdd6d281ae4ca27880e229 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	sofia-pro-medium.woff www.secureblink.com/fonts/sofia/	65 KB 66 KB	136ms 136ms	Font font/woff	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/fonts/sofia/sofia-pro-medium.woff Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e4a1cc77624e0ba87807d1bedc774c42d7cd50215cc8941a6d59722f72263a97 Request headers Referer https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Origin https://www.secureblink.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:13 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:30 GMT server CloudFront x-amz-cf-pop SIN2-C1 etag "c3662f29b33e95684ee05ac87bff9b2b" x-cache Miss from cloudfront content-type font/woff cache-control max-age=5, stale-while-revalidate accept-ranges bytes content-length 67004 x-amz-cf-id U5gkD7J57EzS8uFYKg9hHG-7kuC0ZC5tlsNax5DudHZo52NybAHmzw==
GET H2	200	us.webp flagcdn.com/w40/	230 B 792 B	427ms 19ms	Image image/webp	2606:4700:3036::6815:1fe4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://flagcdn.com/w40/us.webp Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:1fe4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3608ba1bdbc992417013a80c95050719f3528e7e4434fbdfa7822b444c46164 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 987106 alt-svc h3=":443"; ma=86400 content-length 230 last-modified Thu, 08 Jun 2023 17:48:35 GMT server cloudflare etag "64821473-e6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXERP5FQ%2BXs0OQNS%2FP%2FnNtckmdD3DO5Ppt4RVQyBlsQTAK8Ve1uns8Ka1ZRzUWxLV627Qz7Rb6zwTnah6dddR12hq5dgjsO7E9Wzuy3XdXcati5QHfGU9OBpLaB9e%2BgO3ru%2Fthhn%2F9yTsg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control public, max-age=2678400, s-maxage=2678400 accept-ranges bytes cf-ray 830b3aadb8919fb3-SIN
GET H2	200	/ www.facebook.com/tr/	0 185 B	397ms 3ms	Image text/plain	2a03:2880:f10c:381:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=586840998618356&ev=PageView&dl=https%3A%2F%2Fwww.secureblink.com%2Fthreat-research%2Fcarderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard&rl=&if=false&ts=1701768193797&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701768193795.1862304559&ler=empty&it=1701768193198&coo=false&rqm=GET Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Dec 2023 09:23:14 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	sofia-pro-light-italic.woff www.secureblink.com/fonts/sofia/	68 KB 68 KB	127ms 126ms	Font font/woff	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/fonts/sofia/sofia-pro-light-italic.woff Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 9826011ef18778c99869c0802e302bfe03f1c2464905737693b6aa07279c9a8c Request headers Referer https://www.secureblink.com/_next/static/css/1fdf5d0cfce7365d.css Origin https://www.secureblink.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:13 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:30 GMT server CloudFront x-amz-cf-pop SIN2-C1 etag "f9b8ca5b7bb755537631a86b143b77ef" x-cache Miss from cloudfront content-type font/woff cache-control max-age=5, stale-while-revalidate accept-ranges bytes content-length 69204 x-amz-cf-id aeWszXBOtnp-tePWkXTU0Xqr_fa_rz0bakt5xqC82irhcyvqKzQIZg==
GET H2	200	ruxitagentjs_A2NVfhjqru_10243220606153550.js Show response www.gartner.com/ Frame C358	170 KB 67 KB	17ms 16ms	Script text/javascript	13.33.88.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gartner.com/ruxitagentjs_A2NVfhjqru_10243220606153550.js Requested by Host: www.gartner.com URL: https://www.gartner.com/reviews/public/Widget/data?widget_id=Y2QwNTA2ZGYtNWRmNi00MjVhLTllZWEtMmUzMzk4ZjgxNDU4&size=small Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-121.sin2.r.cloudfront.net Software Apache / Resource Hash 21091df3e91e575d018aa5b94c490bc0921233e901913052ceec557a2f3537ae Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.gartner.com/reviews/public/Widget/data?widget_id=Y2QwNTA2ZGYtNWRmNi00MjVhLTllZWEtMmUzMzk4ZjgxNDU4&size=small User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 07 Nov 2023 17:53:22 GMT content-encoding gzip via 1.1 57441ee201b6bfb8ff8be48f8e002574.cloudfront.net (CloudFront) last-modified Wed, 03 Mar 2010 07:01:40 GMT server Apache x-amz-cf-pop SIN2-P2 age 2388590 x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 cache-control public, max-age=31536000, immutable content-length 67984 x-amz-cf-id 7SAV_065cg4o-pI9NHoPR-wpWFThrzNkOrgI7oeFimvUuZRVmyfPeA== expires Wed, 06 Nov 2024 17:53:22 GMT
GET H2	200	data.js Show response www.gartner.com/reviews/public/Widget/js/ Frame C358	2 KB 1 KB	8ms 7ms	Script application/javascript	13.33.88.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gartner.com/reviews/public/Widget/js/data.js Requested by Host: www.gartner.com URL: https://www.gartner.com/reviews/public/Widget/data?widget_id=Y2QwNTA2ZGYtNWRmNi00MjVhLTllZWEtMmUzMzk4ZjgxNDU4&size=small Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-121.sin2.r.cloudfront.net Software Apache / Express Resource Hash 2ece63665d1c156d538ab3ab54b1239af56ceaa6d199d26580c877fefea8688d Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.gartner.com/reviews/public/Widget/data?widget_id=Y2QwNTA2ZGYtNWRmNi00MjVhLTllZWEtMmUzMzk4ZjgxNDU4&size=small User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:03 GMT content-encoding gzip via 1.1 57441ee201b6bfb8ff8be48f8e002574.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 09:24:54 GMT server Apache x-amz-cf-pop SIN2-P2 age 10 x-powered-by Express etag W/"6d4-18c34251270" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes x-amz-cf-id TPhBbN16ZvcqARMbdqL31o2bARWaG1xzOMl_bdldtkkztcokp_9M6A==
GET H2	200	image www.secureblink.com/_next/	15 KB 15 KB	194ms 180ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcompany-logo.46a002dc.png&w=1080&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 6cba58fade30219ba670f485776fe275b4a041ff8c5dbd0b59bbf4a6fa406f05 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 110-ZRMipoKhoBJAtv8RAdP9IDonI3g vary Accept x-cache Miss from cloudfront content-type image/webp cache-control public, max-age=31536000, immutable content-length 15260 x-amz-cf-id 8VToVld-oFjxvLNyj6_l7gReqAmD8fMOV-VjpX40RGxnwiXXo8IRFw== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	455 B 784 B	172ms 159ms	Image image/svg+xml	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FFacebook_Icon.f627c41e.svg&w=32&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 63c1b71635eaf47bac49e11b4a40e86278dd8797eaafa20695c3680807de366b Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 10f-QYlIn8NJjnjzqZG8r6ZRmRcC+bw x-cache Miss from cloudfront content-type image/svg+xml cache-control public, max-age=31536000, immutable content-length 455 x-amz-cf-id pWrjMnnLV11wywcH8ShCVxOdW452SVwsgDFef9hnugi2eF9EbmY0bg== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	920 B 1 KB	176ms 163ms	Image image/svg+xml	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FTwitter_Icon.7ebdfcac.svg&w=32&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 17295a608323eb3aa768ff4ba9e67ac25a5e74e441a361849e4536b214397d1b Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 10e-cHNDsv0JbBYNahsTxBHzjzVLbH8 x-cache Miss from cloudfront content-type image/svg+xml cache-control public, max-age=31536000, immutable content-length 920 x-amz-cf-id EXypiEvBuDoMuhlAUaq3y-4p1aPDe-bOci4TSFsMbCiw0tlN2tzaEw== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	884 B 1 KB	189ms 177ms	Image image/svg+xml	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FLinked_Icon.91310dac.svg&w=32&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash f9afe54e86e57f1976f4a1ef30c277cb78b861bd6ee57871910e198785de6ce4 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 10d-v8Ca2aX8dooIpD+fFPZelx7ROLI x-cache Miss from cloudfront content-type image/svg+xml cache-control public, max-age=31536000, immutable content-length 884 x-amz-cf-id g_QX2ysgoGW3o-a9voSKcG_8m5EO1BFcuupc_OT_XRucMX_GRL6pnQ== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	852 B 1 KB	214ms 202ms	Image image/svg+xml	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCopy_Icon.c922a3a3.svg&w=32&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 2c30c33355e422ee187b27e69dfc15ed1f432e1258774d966d725e6bae887250 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 10b-R6TG/RLREzTpuqaczHpWETqxaFM x-cache Miss from cloudfront content-type image/svg+xml cache-control public, max-age=31536000, immutable content-length 852 x-amz-cf-id B2VzXeEbxrGO3Roi__8uDTZ-2EqTlcrNmRhOEYYx8vb_VPHs-W-azg== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	91 KB 91 KB	466ms 454ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=https%3A%2F%2Fsb-cms.s3.ap-south-1.amazonaws.com%2FCARDERBEE_APT_253a566084.jpg&w=1920&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 95ea2848a07058c03aa59c11937f3a346233a4e9e6b97cb69c0dd960479cf18b Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 12a-JtzwdSfdPk8d10DSWwQMUY7SHgQ vary Accept x-cache Miss from cloudfront content-type image/webp cache-control max-age=60 content-length 93084 x-amz-cf-id TmqvJhDufVGZxBoX2JOwVVrmhqDFBSd78zJeOKwFJeu0cJvk9ra4yg== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	76 KB 76 KB	834ms 823ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=https%3A%2F%2Fstorage.googleapis.com%2Fsb-cms%2FAvos_Locker_4ded35e252%2FAvos-Locker_Avos_Locker_4ded35e252.jpeg&w=1920&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash a96bcb528f54e090ef316a2bd503f71579969a211bb05234e729de80fc75e1bf Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 147-f+KlxAGI4EnE+932wA62KnW6AbU vary Accept x-cache Miss from cloudfront content-type image/webp cache-control max-age=3600 content-length 77640 x-amz-cf-id 7jOLC40mWbWqVx2lztDEzkxVAWK3O4jiYvDMWp6kU32oBq7ThdRtQw== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	232 B 570 B	201ms 190ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcalendar.2a9dcf9a.png&w=16&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 113a7984dd7bed61962f0392c457211dc61cbd1213245cda050f0529a9fbe7e8 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 10a-S19SG88bh3w1pDXO4hZizYeQqxo vary Accept x-cache Miss from cloudfront content-type image/webp cache-control public, max-age=31536000, immutable content-length 232 x-amz-cf-id qe65DaMbSStwGYVlgGZeWdbHxWJqqGBfuP98n1n4WlngR-ZFEvdqxg== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	220 B 556 B	165ms 155ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FopenBook.793df83c.png&w=16&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 5698cb440692e1a960d98ddfa4d6ecc86416953ca684be6b02f40a85527434f1 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 10a-Y8pRwhsOEX0mWQKdhRXmOtFT5lI vary Accept x-cache Miss from cloudfront content-type image/webp cache-control public, max-age=31536000, immutable content-length 220 x-amz-cf-id 7jpxALsFVXrAUqU4zgt8ofJ1E9BaoTBHu49GI5CH5cHsHhiTBiimug== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	91 KB 91 KB	398ms 389ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=https%3A%2F%2Fsb-cms.s3.ap-south-1.amazonaws.com%2FStorm_0324_4800cb2ce2.jpg&w=1920&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash a11530ad71dc67229a54d008d2b493362447adde23c6b582e8dbf83b3847bb65 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 127-57znGg+sTdNxGz/FJ9kx6U4NoLk vary Accept x-cache Miss from cloudfront content-type image/webp cache-control max-age=60 content-length 92878 x-amz-cf-id VmyJRXFzoLaNjwpg_4bP4KUCtLbQIj9arHHs2OQ4mEJAqQcqyrARdw== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	55 KB 56 KB	454ms 445ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=https%3A%2F%2Fsb-cms.s3.ap-south-1.amazonaws.com%2FScar_Cruft_b2d156c22e.jpg&w=1920&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash d8c752515ee7e4595fc3deb7587ea6274319bb87ea7fead361414f0e2babda5d Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 127-8fFfPB5H/WwAYbw4mEq2DdBZQPs vary Accept x-cache Miss from cloudfront content-type image/webp cache-control max-age=60 content-length 56516 x-amz-cf-id f2ArahZT2rGfYmuGrtmp_RlSTKyy45-3sedelsAm1IIvtsaQimRiTA== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	9 KB 9 KB	357ms 348ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fasdf.65a68e20.png&w=256&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 6b307e8a10efd7b73f093ff21b7537574ee0bb8552de89ece47abaf01111f0ed Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 107-aNZA42xkvI9FbWm3y9eHb9wx08A vary Accept x-cache Miss from cloudfront content-type image/webp cache-control public, max-age=31536000, immutable content-length 8732 x-amz-cf-id aDo33QlZ20VnhOT0E7YrLvddH2vyPwct-UOwKd57JIyuf1eK2E7Ypw== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	32 KB 33 KB	484ms 475ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fusp-dashboard.9c80ea33.png&w=1080&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 0578472f3b646d59a9a05c2f2339ce4f80f985d230446531907a478a04adb007 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 111-dBaMN/7e8w/6qF8+fQ46soop+Dg vary Accept x-cache Miss from cloudfront content-type image/webp cache-control public, max-age=31536000, immutable content-length 32960 x-amz-cf-id XYwWHTF4FBjGDSgPv18dwpmIMI6wKn4pr_bFA2piQhJ8G7SPUbzVVQ== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	2 KB 3 KB	175ms 167ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fline.90a223c3.png&w=256&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 29ca21637e7b87219899aab72fdeeda5aaafe16ff6471b348aee624e49fb5fb2 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 107-2TWF0otX+UFlc/ljtr9Us9+gaEU vary Accept x-cache Miss from cloudfront content-type image/webp cache-control public, max-age=31536000, immutable content-length 2514 x-amz-cf-id a5Qq7CMthOls9J-0gi_MTRhnbi_dtgKXs2TNHF_VzkSddUSr-vwx8w== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	664 B 992 B	173ms 166ms	Image image/svg+xml	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2Fimages%2Fclose-icon.svg&w=48&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 4aecb6840beb6b8fe5818af798d1666a6f3c5aa65989e6f85edca08af0e34b8a Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag f7-JiKfcKBS1fCfuApW9asR8nBF7YI x-cache Miss from cloudfront content-type image/svg+xml cache-control max-age=60, stale-while-revalidate content-length 664 x-amz-cf-id QVUQponSrYOduQClQ3zLCKjINqiIrpqqT3zFntVJaG-4q33EgwOCRQ== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	3 KB 2 KB	337ms 330ms	Image image/svg+xml	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FContact_Icon.7bcc9d47.svg&w=64&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash a9bafb6bc738fb0dd760d65c3e5183169881b0482896b7c8872d34e6e8ba1a73 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml cache-control public, max-age=31536000, immutable x-amz-cf-id MauJKCWzg7LuvsVTBdgEDTMiRZ4j_RrHQJEUeu7rOiT495DmV1TI3Q== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	2 KB 1 KB	158ms 152ms	Image image/svg+xml	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FPartnerImg.02aa7ad5.svg&w=96&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 74fea87d96cb040a8a24d7793031a0b1769bf959a021b76e15b7a4cd4ff0390a Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml cache-control public, max-age=31536000, immutable x-amz-cf-id oS6pFeuKEGVYamwua_BTvvYv-J1qbp5pdrc0Fay1n7zXFTw0o_g0dQ== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	6 KB 6 KB	197ms 191ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FSubscribe_Logo.6f596f5b.png&w=384&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 9182f98a423145bffcc2538e18a91d1d17f3ae0eb637183054674fd8428edfe0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 111-WLNzu600GpZHvUaxAJBU951JXEE vary Accept x-cache Miss from cloudfront content-type image/webp cache-control public, max-age=31536000, immutable content-length 5822 x-amz-cf-id K_lyjbk05UaRCsAr3QEscC9BkFgqJgVk2yBGKQLIEE37CFqrfAo4bQ== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	404 B 742 B	316ms 311ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FSubscribe_Icon.c2939bbb.png&w=32&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 686d643a6af8ab834fe1aa4eedeb83ec3a421457b0d42b5ce9a9eadeefcc63d7 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 110-A3CZXmsr/x1nuzFZ3ZcaLXvq7uY vary Accept x-cache Miss from cloudfront content-type image/webp cache-control public, max-age=31536000, immutable content-length 404 x-amz-cf-id pCqt5ChFiNm_5hGgndWZWwG6X4SJy0v96Fx5NjpOCfQERib2mlGRVA== x-amplify-optimized true
GET H2	200	image www.secureblink.com/_next/	5 KB 6 KB	201ms 196ms	Image image/webp	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.secureblink.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FSubscribe_Bg_Design.650f8e0c.png&w=1920&q=75 Requested by Host: www.secureblink.com URL: https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 917fdd717420d3ddda0566b2d04fdf0529bd82a444dd0a1962525ba23be20a04 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop SIN2-C1 etag 117-u2KvYFzV8oG14mqNPCfLXNzsnvw vary Accept x-cache Miss from cloudfront content-type image/webp cache-control public, max-age=31536000, immutable content-length 5538 x-amz-cf-id fQ4ZBsEyG99G65J-SigVO1aGK0oPkpTJBNa0BTAELWyhWB_6jRJCUg== x-amplify-optimized true
GET H2	200	recaptcha__zh_cn.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/	474 KB 189 KB	226ms 7ms	Script text/javascript	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__zh_cn.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4cc987f62e0b9441dd048b42e0aadb743c8d08b29efeb685fbc37f5812fb0e41 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.secureblink.com/ Origin https://www.secureblink.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 04:27:47 GMT content-encoding gzip x-content-type-options nosniff age 104127 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192746 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 03 Dec 2024 04:27:47 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	190ms 3ms	Script text/javascript	2404:6800:4003:c1a::8b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRLF5T7&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1a::8b Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 05 Dec 2023 08:14:05 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 4149 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 05 Dec 2023 10:14:05 GMT
GET H2	200	2b5e6e2abfed2b04.css Show response www.secureblink.com/_next/static/css/	20 KB 4 KB	117ms 117ms	Fetch text/css	2600:9000:2003:5c00:f:f6ee:b780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.secureblink.com/_next/static/css/2b5e6e2abfed2b04.css Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/chunks/main-515dc100d4cac93d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2003:5c00:f:f6ee:b780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash f01326705cce06d933ccb8e656cd9cfc76d2cbc70bf5f4cadc19fae07dd0fde8 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/threat-research/carderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT content-encoding gzip via 1.1 46dd9ae2d97161deaefbdceeae5f57ac.cloudfront.net (CloudFront) last-modified Wed, 15 Nov 2023 14:05:29 GMT server CloudFront x-amz-cf-pop SIN2-C1 etag W/"fd62b4548521204a3c4d535897fc5931" vary Accept-Encoding x-cache Miss from cloudfront content-type text/css cache-control public, max-age=31536000, immutable x-amz-cf-id uWH3LQY3l4obhxgII_pwqiAvFdQ5EXa80GwI0vCrbOC1JjlVm44YmQ==
GET H2	200	api Show response www.gartner.com/reviews/ Frame C358	2 KB 2 KB	304ms 301ms	XHR application/json	13.33.88.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gartner.com/reviews/api?apiKey=ZTU3MThjMWEtOTc1ZS00YzgwLWIzZGEtNDg0ODlkMDc0ODRk&paramsKey=Y2QwNTA2ZGYtNWRmNi00MjVhLTllZWEtMmUzMzk4ZjgxNDU4 Requested by Host: www.gartner.com URL: https://www.gartner.com/reviews/public/Widget/js/data.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-121.sin2.r.cloudfront.net Software Apache / Express Resource Hash 29cfde911c0a5c9d79d7abc039ae6254bf47a249a41392a1512bab75329de931 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.gartner.com/reviews/public/Widget/data?widget_id=Y2QwNTA2ZGYtNWRmNi00MjVhLTllZWEtMmUzMzk4ZjgxNDU4&size=small User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT content-encoding gzip via 1.1 57441ee201b6bfb8ff8be48f8e002574.cloudfront.net (CloudFront) server Apache x-amz-cf-pop SIN2-P2 x-powered-by Express etag W/"783-dGXUsJAm1fOHFX2PcfC+5uM5pOE:dtagent1024322060615355013ZP:dtagent1024322060615355013ZP" vary Accept-Encoding x-cache Miss from cloudfront content-type application/json; charset=utf-8 cache-control private server-timing dtSInfo;desc="0", dtRpid;desc="279928117" x-amz-cf-id Uu2DXpMfar80EIw7sFd4g8mLOrbtOXBFxKu5xLLefZmLJCH-jUqEgQ==
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 224 B	5ms 4ms	XHR text/plain	2404:6800:4003:c1a::8b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=490702464&t=pageview&_s=1&dl=https%3A%2F%2Fwww.secureblink.com%2Fthreat-research%2Fcarderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard&ul=en-us&de=UTF-8&dt=Carderbee%20APT%3A%20After%20Hong%20Kong%20%26%20Asia%20with%20PlugX%20Malware%20via%20Cobra%20DocGuard%20%7C%20Secure%20Blink&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1978528354&gjid=1866354191&cid=176127586.1701768194&tid=UA-151054930-1&_gid=1467699827.1701768194&_r=1&_slc=1&gtm=45He3bt0n81NRLF5T7v893244733&gcd=11l1l1l1l1&dma=0&z=725008160 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1a::8b Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash c77327e39a27ad56ea2c7115fadad1f1c5a5048455f91f2fc797f6b1a98c56c7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.secureblink.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 05 Dec 2023 09:23:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.secureblink.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	269 KB 91 KB	8ms 8ms	Script application/javascript	2404:6800:4003:c00::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-SSGMGFF6J9&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b556e0aa2a2cbaff79cb0051d3374c705d46ad591bd62c0a458aaeb4b9f69d7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93305 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 05 Dec 2023 09:23:14 GMT
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame FDCB	60 KB 34 KB	22ms 21ms	Document text/html	2404:6800:4003:c01::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=f3z9is1g9nxo Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/chunks/pages/_app-6a1b5335006f31e0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9e3fdd49598d3397f2d9b63daddc3a38796e968f01932e0fe9caa675eef981fe Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-LfipYg1H0A037OnA0SDXig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.secureblink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-LfipYg1H0A037OnA0SDXig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 05 Dec 2023 09:23:14 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 1C5E	60 KB 34 KB	18ms 17ms	Document text/html	2404:6800:4003:c01::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=7v8y1goycnld Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/chunks/pages/_app-6a1b5335006f31e0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 0fb59ae813c800d27f067d31688bd34380b53d7d1827c5b22ebc30287c7db04a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-X0phCjAbj3thqp3OZwJ1uA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.secureblink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-X0phCjAbj3thqp3OZwJ1uA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 05 Dec 2023 09:23:14 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 5B7B	59 KB 34 KB	88ms 87ms	Document text/html	2404:6800:4003:c01::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=qs2np2il4s0a Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/chunks/pages/_app-6a1b5335006f31e0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 788bbfa0271b593af4a3dcaeb75a5fde4c20a99cc2abe83a10e0ebbd31de5104 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-28bHVKE2llv9RxR4_qPDew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.secureblink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-28bHVKE2llv9RxR4_qPDew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 05 Dec 2023 09:23:14 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame D271	60 KB 34 KB	53ms 53ms	Document text/html	2404:6800:4003:c01::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=bmmi1intwk5u Requested by Host: www.secureblink.com URL: https://www.secureblink.com/_next/static/chunks/pages/_app-6a1b5335006f31e0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash dc7511785a6e6b923fa15d24bea7341ac3f199184afdac1986c686bdb2c39082 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-VIuefCw_i6_0wRanYSelyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.secureblink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-VIuefCw_i6_0wRanYSelyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 05 Dec 2023 09:23:14 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 1C5E	55 KB 24 KB	95ms 39ms	Stylesheet text/css	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=7v8y1goycnld Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Fri, 01 Dec 2023 00:55:33 GMT content-encoding gzip x-content-type-options nosniff age 376061 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 30 Nov 2024 00:55:33 GMT
GET H3	200	recaptcha__zh_cn.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 1C5E	474 KB 188 KB	113ms 59ms	Script text/javascript	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__zh_cn.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=7v8y1goycnld Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4cc987f62e0b9441dd048b42e0aadb743c8d08b29efeb685fbc37f5812fb0e41 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 04:27:47 GMT content-encoding gzip x-content-type-options nosniff age 104127 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192746 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 03 Dec 2024 04:27:47 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	37ms 36ms	Ping text/plain	2404:6800:4003:c1a::8b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-SSGMGFF6J9&gtm=45je3bt0v885885607&_p=1701768193636&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=176127586.1701768194&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.secureblink.com%2Fthreat-research%2Fcarderbee-apt-after-hong-kong-and-asia-with-plug-x-malware-via-cobra-doc-guard&dt=Carderbee%20APT%3A%20After%20Hong%20Kong%20%26%20Asia%20with%20PlugX%20Malware%20via%20Cobra%20DocGuard%20%7C%20Secure%20Blink&sid=1701768194&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1979 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-SSGMGFF6J9&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c1a::8b Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.secureblink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Tue, 05 Dec 2023 09:23:14 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.secureblink.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame FDCB	55 KB 24 KB	48ms 13ms	Stylesheet text/css	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=f3z9is1g9nxo Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Fri, 01 Dec 2023 00:55:33 GMT content-encoding gzip x-content-type-options nosniff age 376061 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 30 Nov 2024 00:55:33 GMT
GET H3	200	recaptcha__zh_cn.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame FDCB	474 KB 188 KB	90ms 54ms	Script text/javascript	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__zh_cn.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=f3z9is1g9nxo Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4cc987f62e0b9441dd048b42e0aadb743c8d08b29efeb685fbc37f5812fb0e41 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 04:27:47 GMT content-encoding gzip x-content-type-options nosniff age 104127 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192746 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 03 Dec 2024 04:27:47 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame D271	55 KB 24 KB	33ms 18ms	Stylesheet text/css	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=bmmi1intwk5u Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Fri, 01 Dec 2023 00:55:33 GMT content-encoding gzip x-content-type-options nosniff age 376061 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 30 Nov 2024 00:55:33 GMT
GET H3	200	recaptcha__zh_cn.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame D271	474 KB 188 KB	67ms 51ms	Script text/javascript	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__zh_cn.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=bmmi1intwk5u Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4cc987f62e0b9441dd048b42e0aadb743c8d08b29efeb685fbc37f5812fb0e41 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 04:27:47 GMT content-encoding gzip x-content-type-options nosniff age 104127 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192746 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 03 Dec 2024 04:27:47 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 5B7B	55 KB 24 KB	30ms 28ms	Stylesheet text/css	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=qs2np2il4s0a Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Fri, 01 Dec 2023 00:55:33 GMT content-encoding gzip x-content-type-options nosniff age 376061 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 30 Nov 2024 00:55:33 GMT
GET H3	200	recaptcha__zh_cn.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 5B7B	474 KB 188 KB	46ms 45ms	Script text/javascript	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__zh_cn.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=qs2np2il4s0a Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4cc987f62e0b9441dd048b42e0aadb743c8d08b29efeb685fbc37f5812fb0e41 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 04:27:47 GMT content-encoding gzip x-content-type-options nosniff age 104127 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192746 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 03 Dec 2024 04:27:47 GMT
GET H2	200	logo-bubble-white-bg-2x-min.png reviews.static.gartner.com/public/Widget/img/	2 KB 3 KB	76ms 27ms	Image image/png	2600:9000:229f:9200:14:c034:4840:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://reviews.static.gartner.com/public/Widget/img/logo-bubble-white-bg-2x-min.png Requested by Host: www.gartner.com URL: https://www.gartner.com/reviews/public/Widget/css/widget.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:229f:9200:14:c034:4840:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Express Resource Hash b59a0404929cf4a3ad1cbd9c2ffaaff3f8c2e838a70867c1de2dfddc5a2b2f91 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.gartner.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:04 GMT via 1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 09:24:54 GMT server Apache x-amz-cf-pop SIN2-P1 age 10 x-powered-by Express etag W/"923-18c34251270" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=0 accept-ranges bytes content-length 2339 x-amz-cf-id N8Iqn000HpD4oYRsCBd2Gr0Q0WJPyDJSfqAXKI-6-J9P5EUPa-J5Ig==
GET H2	200	stars.png reviews.static.gartner.com/public/Widget/img/	1 KB 2 KB	72ms 25ms	Image image/png	2600:9000:229f:9200:14:c034:4840:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://reviews.static.gartner.com/public/Widget/img/stars.png Requested by Host: www.gartner.com URL: https://www.gartner.com/reviews/public/Widget/css/widget.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:229f:9200:14:c034:4840:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Express Resource Hash 22cecf5526a9a6a3c3d49dea18b28fd902a5a2bec155a04a7c21bb654b9ec0c9 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.gartner.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:04 GMT via 1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 09:24:54 GMT server Apache x-amz-cf-pop SIN2-P1 age 10 x-powered-by Express etag W/"4f5-18c34251270" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=0 accept-ranges bytes content-length 1269 x-amz-cf-id njHW4Io_-EOBTYC8k1oSzkHCWmZoelhcDSy5TBJh3DFEgzvRHWz7NA==
GET H2	200	chevron-right.png reviews.static.gartner.com/public/Widget/img/	217 B 569 B	73ms 26ms	Image image/png	2600:9000:229f:9200:14:c034:4840:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://reviews.static.gartner.com/public/Widget/img/chevron-right.png Requested by Host: www.gartner.com URL: https://www.gartner.com/reviews/public/Widget/css/widget.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:229f:9200:14:c034:4840:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Express Resource Hash f75e7361bbcda225d800dd06644f99253ae2cf5ab6a0e47ff7967474e7afb4a6 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.gartner.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:04 GMT via 1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 09:24:54 GMT server Apache x-amz-cf-pop SIN2-P1 age 10 x-powered-by Express etag W/"d9-18c34251270" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=0 accept-ranges bytes content-length 217 x-amz-cf-id McQL5Jdb3H6KH2VE-t8Y1r7eftHl7vkwybgv2G_l9xGt3oYAJqCHpA==
GET H2	200	hand-2x-min.png reviews.static.gartner.com/public/Widget/img/	371 B 725 B	72ms 26ms	Image image/png	2600:9000:229f:9200:14:c034:4840:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://reviews.static.gartner.com/public/Widget/img/hand-2x-min.png Requested by Host: www.gartner.com URL: https://www.gartner.com/reviews/public/Widget/css/widget.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:229f:9200:14:c034:4840:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Express Resource Hash ea275ed456aac5086fce66c4d6d1154397fd670ae0d5d0a863785879437cabe6 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.gartner.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:04 GMT via 1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 09:24:54 GMT server Apache x-amz-cf-pop SIN2-P1 age 10 x-powered-by Express etag W/"173-18c34251270" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=0 accept-ranges bytes content-length 371 x-amz-cf-id PVkCWRi2tpDDICmYnsFfpo7gi_1MKCVqddd9Nn2kCzbbLQjd6OnGkQ==
GET DATA	200 OK	truncated /	36 KB 36 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7a2f15820ffe7ec552c256f18b8cd6485618d23a5648f535992e5c6928a542b7 Request headers Referer Origin https://www.secureblink.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type font/woff2
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame FDCB	2 KB 2 KB	5ms 4ms	Image image/png	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Fri, 01 Dec 2023 07:49:08 GMT x-content-type-options nosniff age 351246 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Fri, 08 Dec 2023 07:49:08 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame FDCB	15 KB 15 KB	20ms 7ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=f3z9is1g9nxo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Thu, 30 Nov 2023 07:25:43 GMT x-content-type-options nosniff age 439051 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Nov 2024 07:25:43 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame FDCB	15 KB 16 KB	17ms 4ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=f3z9is1g9nxo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 15:12:59 GMT x-content-type-options nosniff age 151815 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 02 Dec 2024 15:12:59 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 1C5E	2 KB 2 KB	5ms 4ms	Image image/png	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Fri, 01 Dec 2023 07:49:08 GMT x-content-type-options nosniff age 351246 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Fri, 08 Dec 2023 07:49:08 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 1C5E	15 KB 15 KB	8ms 7ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=7v8y1goycnld Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Thu, 30 Nov 2023 07:25:43 GMT x-content-type-options nosniff age 439051 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Nov 2024 07:25:43 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 1C5E	15 KB 15 KB	6ms 5ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=7v8y1goycnld Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 15:12:59 GMT x-content-type-options nosniff age 151815 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 02 Dec 2024 15:12:59 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame D271	2 KB 2 KB	9ms 7ms	Image image/png	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Fri, 01 Dec 2023 07:49:08 GMT x-content-type-options nosniff age 351246 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Fri, 08 Dec 2023 07:49:08 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame D271	15 KB 15 KB	12ms 10ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=bmmi1intwk5u Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Thu, 30 Nov 2023 07:25:43 GMT x-content-type-options nosniff age 439051 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Nov 2024 07:25:43 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame D271	15 KB 15 KB	9ms 8ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=bmmi1intwk5u Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 15:12:59 GMT x-content-type-options nosniff age 151815 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 02 Dec 2024 15:12:59 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame FDCB	105 B 138 B	9ms 9ms	Other text/javascript	2404:6800:4003:c01::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=f3z9is1g9nxo Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 4787f9e735e3032fa6116ee02971beb9601559533e788b87f61511b333b0163d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=f3z9is1g9nxo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Tue, 05 Dec 2023 09:23:14 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 5B7B	2 KB 2 KB	16ms 15ms	Image image/png	2404:6800:4003:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Fri, 01 Dec 2023 07:49:08 GMT x-content-type-options nosniff age 351246 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Fri, 08 Dec 2023 07:49:08 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 5B7B	15 KB 15 KB	16ms 15ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=qs2np2il4s0a Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Thu, 30 Nov 2023 07:25:43 GMT x-content-type-options nosniff age 439051 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Nov 2024 07:25:43 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 5B7B	15 KB 15 KB	18ms 17ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=qs2np2il4s0a Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 15:12:59 GMT x-content-type-options nosniff age 151815 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 02 Dec 2024 15:12:59 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 1C5E	105 B 138 B	20ms 20ms	Other text/javascript	2404:6800:4003:c01::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=7v8y1goycnld Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 4787f9e735e3032fa6116ee02971beb9601559533e788b87f61511b333b0163d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=7v8y1goycnld User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Tue, 05 Dec 2023 09:23:14 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame D271	105 B 138 B	14ms 13ms	Other text/javascript	2404:6800:4003:c01::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=bmmi1intwk5u Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 4787f9e735e3032fa6116ee02971beb9601559533e788b87f61511b333b0163d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=bmmi1intwk5u User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Tue, 05 Dec 2023 09:23:14 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 5B7B	105 B 138 B	6ms 6ms	Other text/javascript	2404:6800:4003:c01::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=qs2np2il4s0a Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 4787f9e735e3032fa6116ee02971beb9601559533e788b87f61511b333b0163d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=zh-CN&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=invisible&badge=bottomleft&cb=qs2np2il4s0a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 09:23:14 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Tue, 05 Dec 2023 09:23:14 GMT
POST H2	200	bf Show response bf28149orj.bf.dynatrace.com/ Frame C358	205 B 478 B	811ms 276ms	XHR text/plain	34.206.202.70 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bf28149orj.bf.dynatrace.com/bf?type=js3&flavor=cors&vi=KSLPWFDNBQRMQVLOELJHPRRECDMJHATV-0&modifiedSince=1701341889683&rf=https%3A%2F%2Fwww.gartner.com%2Freviews%2Fpublic%2FWidget%2Fdata%3Fwidget_id%3DY2QwNTA2ZGYtNWRmNi00MjVhLTllZWEtMmUzMzk4ZjgxNDU4%26size%3Dsmall&bp=3&app=c9f1951eb65229e3&crc=443811707&en=4vwhu0vt&end=1 Requested by Host: www.gartner.com URL: https://www.gartner.com/ruxitagentjs_A2NVfhjqru_10243220606153550.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.206.202.70 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-206-202-70.compute-1.amazonaws.com Software / Resource Hash b9c6acda815ddbd2b0f8a0d88f6f9ee30c23288483dfd6fe94ee202378b9e962 Request headers Referer https://www.gartner.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.gartner.com x-oneagent-js-injection true date Tue, 05 Dec 2023 09:23:16 GMT cache-control no-cache content-length 205 content-type text/plain;charset=utf-8
POST H2	200	bf Show response bf28149orj.bf.dynatrace.com/ Frame C358	206 B 478 B	274ms 270ms	XHR text/plain	34.206.202.70 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bf28149orj.bf.dynatrace.com/bf?type=js3&flavor=cors&vi=KSLPWFDNBQRMQVLOELJHPRRECDMJHATV-0&modifiedSince=1701341889683&rf=https%3A%2F%2Fwww.gartner.com%2Freviews%2Fpublic%2FWidget%2Fdata%3Fwidget_id%3DY2QwNTA2ZGYtNWRmNi00MjVhLTllZWEtMmUzMzk4ZjgxNDU4%26size%3Dsmall&bp=3&app=c9f1951eb65229e3&crc=1831226181&en=4vwhu0vt&end=1 Requested by Host: www.gartner.com URL: https://www.gartner.com/ruxitagentjs_A2NVfhjqru_10243220606153550.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.206.202.70 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-206-202-70.compute-1.amazonaws.com Software / Resource Hash f6afe73b69b47f1a08b6f4a30405540278e3069ec384db16d8119501592c9384 Request headers Referer https://www.gartner.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.gartner.com x-oneagent-js-injection true date Tue, 05 Dec 2023 09:23:17 GMT cache-control no-cache content-length 206 content-type text/plain;charset=utf-8