urlscan.io logo urlscan.io
SecurityTrails logo

www.sentinelone.com Open in urlscan Pro
172.67.74.101  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Submission: On May 10 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 4 countries across 31 domains to perform 112 HTTP transactions. The main IP is 172.67.74.101, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sentinelone.com. The Cisco Umbrella rank of the primary domain is 198644.
TLS certificate: Issued by E1 on May 7th 2024. Valid for: 3 months.
This is the only time www.sentinelone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 17 172.67.74.101 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
19 2620:12a:8000::2 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
7 104.17.71.206 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2606:2800:234... 15133 (EDGECAST)
6 104.17.111.223 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 172.217.16.195 15169 (GOOGLE)
1 18.66.192.117 16509 (AMAZON-02)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 23.197.137.224 16625 (AKAMAI-AS)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 162.159.152.17 13335 (CLOUDFLAR...)
12 95.101.111.184 20940 (AKAMAI-ASN1)
1 146.75.120.157 54113 (FASTLY)
3 172.67.213.149 13335 (CLOUDFLAR...)
8 3.68.133.236 16509 (AMAZON-02)
1 1 68.67.153.60 29990 (ASN-APPNEX)
2 2 185.89.210.82 29990 (ASN-APPNEX)
1 2600:9000:26d... 16509 (AMAZON-02)
1 52.72.112.67 14618 (AMAZON-AES)
1 54.230.228.76 16509 (AMAZON-02)
1 142.250.184.194 15169 (GOOGLE)
1 2 142.250.184.198 15169 (GOOGLE)
8 9 2620:1ec:21::14 8068 (MICROSOFT...)
2 13.107.42.14 8068 (MICROSOFT...)
1 192.28.144.124 15224 (OMNITURE)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
1 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
1 1 142.250.181.226 15169 (GOOGLE)
1 2 142.250.185.164 15169 (GOOGLE)
2 13.248.142.121 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.44.154.105 14618 (AMAZON-AES)
112 39
17    172.67.74.101 (United States)

ASN13335 (CLOUDFLARENET, US)
www.sentinelone.com
7    2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
19    2620:12a:8000::2 (United States)

ASN54113 (FASTLY, US)
de.sentinelone.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
7    104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)
go.sentinelone.com
1    2606:4700::6812:1105 (United States)

ASN13335 (CLOUDFLARENET, US)
js.qualified.com
4    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
6    104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net
www.google.de
1    18.66.192.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-117.muc50.r.cloudfront.net
static.hotjar.com
4    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    23.197.137.224 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-137-224.deploy.static.akamaitechnologies.com
munchkin.marketo.net
1    2a02:26f0:780::210:a42b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)
a.quora.com
12    95.101.111.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-184.deploy.static.akamaitechnologies.com
j.6sc.co
c.6sc.co
b.6sc.co
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    172.67.213.149 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.calibermind.com
e.calibermind.com
8    3.68.133.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-133-236.eu-central-1.compute.amazonaws.com
tags.srv.stackadapt.com
1    68.67.153.60 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net
s.ml-attr.com
2    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    2600:9000:26db:7200:5:7a81:86c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
attr.ml-api.io
1    52.72.112.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-112-67.compute-1.amazonaws.com
q.quora.com
1    54.230.228.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-76.muc50.r.cloudfront.net
script.hotjar.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
2    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
13115870.fls.doubleclick.net
9    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    192.28.144.124 (United States)

ASN15224 (OMNITURE, US)
327-mnm-087.mktoresp.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2a02:26f0:ab00::214:8e70 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ipv6.6sc.co
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
2    13.248.142.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com
epsilon.6sense.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.44.154.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-154-105.compute-1.amazonaws.com
app.qualified.com
Apex Domain
Subdomains		 Transfer
43 sentinelone.com
www.sentinelone.com — Cisco Umbrella Rank: 198644
de.sentinelone.com — Cisco Umbrella Rank: 907631
go.sentinelone.com — Cisco Umbrella Rank: 251829
1 MB
13 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5787
c.6sc.co — Cisco Umbrella Rank: 8716
ipv6.6sc.co — Cisco Umbrella Rank: 5928
b.6sc.co — Cisco Umbrella Rank: 3876
21 KB
11 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 338
www.linkedin.com — Cisco Umbrella Rank: 619
px4.ads.linkedin.com — Cisco Umbrella Rank: 6419
6 KB
8 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 2777
10 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 312
120 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4680
onesignal.com — Cisco Umbrella Rank: 1554
img.onesignal.com — Cisco Umbrella Rank: 8646
91 KB
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
13115870.fls.doubleclick.net — Cisco Umbrella Rank: 645149
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
1 KB
5 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1357
analytics.twitter.com — Cisco Umbrella Rank: 882
32 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 345
14 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
384 KB
3 calibermind.com
cdn.calibermind.com — Cisco Umbrella Rank: 53643
e.calibermind.com — Cisco Umbrella Rank: 50170
61 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 7810
190 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
www.google.com — Cisco Umbrella Rank: 2
344 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
2 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 9185
731 B
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 482
2 KB
2 quora.com
a.quora.com — Cisco Umbrella Rank: 6140
q.quora.com — Cisco Umbrella Rank: 4081
15 KB
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3868
6 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 742
script.hotjar.com — Cisco Umbrella Rank: 988
59 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 64
69 KB
2 qualified.com
js.qualified.com — Cisco Umbrella Rank: 18569
app.qualified.com — Cisco Umbrella Rank: 19613
169 KB
1 t.co
t.co — Cisco Umbrella Rank: 717
377 B
1 mktoresp.com
327-mnm-087.mktoresp.com — Cisco Umbrella Rank: 602262
318 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
2 KB
1 ml-api.io
attr.ml-api.io — Cisco Umbrella Rank: 17338
281 B
1 ml-attr.com
s.ml-attr.com — Cisco Umbrella Rank: 15638
284 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 801
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 803
17 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 533
304 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380
30 KB
0 abrankings.com Failed
cdn.abrankings.com Failed
112 31
Domain Requested by
19 de.sentinelone.com www.sentinelone.com
de.sentinelone.com
17 www.sentinelone.com 15 redirects www.sentinelone.com
10 b.6sc.co www.sentinelone.com
8 tags.srv.stackadapt.com www.sentinelone.com
tags.srv.stackadapt.com
7 px.ads.linkedin.com 6 redirects snap.licdn.com
7 go.sentinelone.com www.sentinelone.com
go.sentinelone.com
7 cdn.cookielaw.org www.sentinelone.com
cdn.cookielaw.org
4 bat.bing.com www.googletagmanager.com
bat.bing.com
www.sentinelone.com
4 platform.twitter.com www.sentinelone.com
platform.twitter.com
4 www.googletagmanager.com www.sentinelone.com
www.googletagmanager.com
3 www.google.de www.sentinelone.com
3 onesignal.com cdn.onesignal.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 epsilon.6sense.com j.6sc.co
2 www.google.com 1 redirects www.sentinelone.com
2 px4.ads.linkedin.com www.sentinelone.com
2 www.linkedin.com 2 redirects
2 13115870.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 secure.adnxs.com 2 redirects
2 cdn.calibermind.com www.sentinelone.com
www.googletagmanager.com
2 munchkin.marketo.net www.sentinelone.com
munchkin.marketo.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.youtube.com www.sentinelone.com
www.youtube.com
2 cdn.onesignal.com www.sentinelone.com
cdn.onesignal.com
1 app.qualified.com js.qualified.com
1 googleads.g.doubleclick.net 1 redirects
1 img.onesignal.com www.sentinelone.com
1 e.calibermind.com cdn.calibermind.com
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 analytics.twitter.com www.sentinelone.com
1 t.co www.sentinelone.com
1 327-mnm-087.mktoresp.com munchkin.marketo.net
1 www.googleadservices.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 q.quora.com www.sentinelone.com
1 attr.ml-api.io www.sentinelone.com
1 s.ml-attr.com 1 redirects
1 static.ads-twitter.com www.sentinelone.com
1 j.6sc.co www.sentinelone.com
1 a.quora.com www.sentinelone.com
1 snap.licdn.com www.sentinelone.com
1 static.hotjar.com www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 js.qualified.com www.sentinelone.com
1 ajax.googleapis.com www.sentinelone.com
0 cdn.abrankings.com Failed www.googletagmanager.com
112 48
Subject Issuer Validity Valid
sentinelone.com
E1		 2024-05-07 -
2024-08-05		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
go.sentinelone.com
E1		 2024-03-21 -
2024-06-19		 3 months crt.sh
qualified.com
E1		 2024-05-09 -
2024-08-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
onesignal.com
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh
attivonetworks.com
R3		 2024-03-11 -
2024-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-05-01 -
2024-06-27		 2 months crt.sh
*.marketo.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-08 -
2024-12-11		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
quora.com
R3		 2024-03-31 -
2024-06-29		 3 months crt.sh
6sc.co
R3		 2024-04-09 -
2024-07-08		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
calibermind.com
E1		 2024-04-16 -
2024-07-15		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-09-09 -
2024-10-07		 a year crt.sh
*.quora.com
R3		 2024-04-21 -
2024-07-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.mktoresp.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-07 -
2024-10-07		 a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-07 -
2025-01-06		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh
*.6sense.com
Amazon RSA 2048 M03		 2024-03-31 -
2025-04-29		 a year crt.sh
app.qualified.com
R3		 2024-03-21 -
2024-06-19		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Frame ID: 48AC06917E5E3D8EF2A7A36D0EBBAE1D
Requests: 114 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.sentinelone.com
Frame ID: 9CE45E0D1871F1116A85DAF455AB7AB4
Requests: 1 HTTP requests in this frame

Frame: https://go.sentinelone.com/index.php/form/XDFrame
Frame ID: 91FB761A22CF697D3D831C1EC2F03298
Requests: 2 HTTP requests in this frame

Frame: https://13115870.fls.doubleclick.net/activityi;dc_pre=CMTH9L-ug4YDFahXHgIdkwIEhQ;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=1779142245.1715353700;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4580v9135076156za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F
Frame ID: EDFF3246107878D3E3E31E7DBCE42C1D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=philofishal&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1775905587533865100&lang=en&origin=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&sessionId=e050888ac561072e4bdebadb9d94e5eb5216fc5e&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Frame ID: 46188E1513AD5F8BC4C90EADB8A0DBF9
Requests: 1 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/ZQoyHXFTqngPcfcB/messenger?uuid=d3dea20f-2d79-489b-8052-6173552768fe
Frame ID: D61BCBA8BB7BA41072598847AF9B48A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

macOS Cuckoo Stealer | Ensuring Detection and Defense as New Samples Rapidly Emerge

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

112
Requests

82 %
HTTPS

39 %
IPv6

31
Domains

48
Subdomains

39
IPs

4
Countries

2514 kB
Transfer

6315 kB
Size

49
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463 HTTP 302
  • https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
Request Chain 7
  • https://www.sentinelone.com/wp-content/uploads/2024/05/Cuckoo-Stealer.jpg HTTP 302
  • https://de.sentinelone.com/wp-content/uploads/2024/05/Cuckoo-Stealer.jpg
Request Chain 8
  • https://www.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_1.jpg HTTP 302
  • https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_1.jpg
Request Chain 9
  • https://www.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_3.jpg HTTP 302
  • https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_3.jpg
Request Chain 11
  • https://www.sentinelone.com/wp-includes/js/clipboard.min.js?ver=2.0.11 HTTP 302
  • https://de.sentinelone.com/wp-includes/js/clipboard.min.js?ver=2.0.11
Request Chain 12
  • https://www.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/js/global.min.js?ver=1715325463 HTTP 302
  • https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/js/global.min.js?ver=1715325463
Request Chain 14
  • https://www.sentinelone.com/wp-content/themes/sentinelone/assets/fonts/whyte/ABCWhytePlusVariable.woff2 HTTP 302
  • https://de.sentinelone.com/wp-content/themes/sentinelone/assets/fonts/whyte/ABCWhytePlusVariable.woff2
Request Chain 31
  • https://www.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_2.jpg HTTP 302
  • https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_2.jpg
Request Chain 32
  • https://www.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_4.jpg HTTP 302
  • https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_4.jpg
Request Chain 33
  • https://www.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_7.jpg HTTP 302
  • https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_7.jpg
Request Chain 34
  • https://www.sentinelone.com/wp-content/uploads/2024/05/Screenshot-2024-05-09-at-5.33.23%E2%80%AFPM.jpg HTTP 302
  • https://de.sentinelone.com/wp-content/uploads/2024/05/Screenshot-2024-05-09-at-5.33.23%E2%80%AFPM.jpg
Request Chain 36
  • https://www.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/search-icon.svg HTTP 302
  • https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/search-icon.svg
Request Chain 37
  • https://www.sentinelone.com/wp-content/themes/sentinelone/assets/svg/header-logo-dark.svg HTTP 302
  • https://de.sentinelone.com/wp-content/themes/sentinelone/assets/svg/header-logo-dark.svg
Request Chain 38
  • https://www.sentinelone.com/wp-content/uploads/2024/05/cuckoo_ftr.jpg HTTP 302
  • https://de.sentinelone.com/wp-content/uploads/2024/05/cuckoo_ftr.jpg
Request Chain 61
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.sentinelone.com%26pId%3d%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.sentinelone.com%26pId%3d%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.sentinelone.com%2526pId%253d%2524UID HTTP 302
  • https://attr.ml-api.io/?domain=www.sentinelone.com&pId=1947188242503928270
Request Chain 79
  • https://13115870.fls.doubleclick.net/activityi;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=1779142245.1715353700;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4580v9135076156za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F HTTP 302
  • https://13115870.fls.doubleclick.net/activityi;dc_pre=CMTH9L-ug4YDFahXHgIdkwIEhQ;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=1779142245.1715353700;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4580v9135076156za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F
Request Chain 80
  • https://px.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif HTTP 302
  • https://px.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Fpid%3D432890%26conversionId%3D2402852%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQIFYj0_hc9yMwAAAY9jDEs4bxZYptTwFl_nKsl1_7ezgcz3pjrYMkcY9neQHZOhcstJj5mJLTbb
Request Chain 96
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C5427652%2C5500618&time=1715353700572&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C5427652%2C5500618&time=1715353700572&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D432890%252C5427652%252C5500618%26time%3D1715353700572%26url%3Dhttps%253A%252F%252Fwww.sentinelone.com%252Fblog%252Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C5427652%2C5500618&time=1715353700572&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C5427652%2C5500618&time=1715353700572&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&cookiesTest=true&liSync=true&e_ipv6=AQJnmxey5ZyFigAAAY9jDEtvAHJnwYdf4BzGOOE5Wmzq4kkOJ3f9nu8Bb-pg2oYnwy8pzNlxbbYp
Request Chain 99
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970186784/?random=163634794&cv=11&fst=1715353700486&bg=ffffff&guid=ON&async=1&gtm=45be4580v890159661z871208095za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&label=P7U6CJqLydsBEKDAz84D&hn=www.googleadservices.com&frm=0&tiba=macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge&value=0&npa=1&pscdl=noapi&auid=1779142245.1715353700&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&eitems=ChEI8Iv3sQYQnJ36u-Ls4rfyARIdANVWnwQ17RuFw4Iqt0T98v2mzync-tqWSIwUsIc&pscrd=IhMI4rnwv66DhgMVp5ODBx1mYAm1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LnNlbnRpbmVsb25lLmNvbS8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/970186784/?random=163634794&cv=11&fst=1715353700486&bg=ffffff&guid=ON&async=1&gtm=45be4580v890159661z871208095za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&label=P7U6CJqLydsBEKDAz84D&hn=www.googleadservices.com&frm=0&tiba=macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge&value=0&npa=1&pscdl=noapi&auid=1779142245.1715353700&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI4rnwv66DhgMVp5ODBx1mYAm1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LnNlbnRpbmVsb25lLmNvbS8&is_vtc=1&cid=CAQSGwB7FLtqo5cACQ2vLWSjW3ve_aoXeSI6zs4s1A&eitems=ChEI8Iv3sQYQnJ36u-Ls4rfyARIdANVWnwThWTrIZXYZUKaHx4v_B84mHiOz6GKMSvY&random=2777541209 HTTP 302
  • https://www.google.de/pagead/1p-conversion/970186784/?random=163634794&cv=11&fst=1715353700486&bg=ffffff&guid=ON&async=1&gtm=45be4580v890159661z871208095za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&label=P7U6CJqLydsBEKDAz84D&hn=www.googleadservices.com&frm=0&tiba=macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge&value=0&npa=1&pscdl=noapi&auid=1779142245.1715353700&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI4rnwv66DhgMVp5ODBx1mYAm1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LnNlbnRpbmVsb25lLmNvbS8&is_vtc=1&cid=CAQSGwB7FLtqo5cACQ2vLWSjW3ve_aoXeSI6zs4s1A&eitems=ChEI8Iv3sQYQnJ36u-Ls4rfyARIdANVWnwThWTrIZXYZUKaHx4v_B84mHiOz6GKMSvY&random=2777541209&ipr=y
Request Chain 113
  • https://www.sentinelone.com/wp-content/themes/sentinelone/assets/favicon-whyte/favicon.ico HTTP 302
  • https://de.sentinelone.com/wp-content/themes/sentinelone/assets/favicon-whyte/favicon.ico

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/ 		340 KB
107 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0632b1fdeb4f6c1e8e4eb0b385a974c34758957dfab422cfbdd5b62bfc53df
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'unsafe-eval' https://snap.licdn.com/ https://cdn.calibermind.com/ https://a.quora.com/ https://app.cdn.lookbookhq.com/ https://connect.facebook.net/ https://ct.capterra.com/ https://ga.clearbit.com/ https://js.adsrvr.org/ https://munchkin.brightfunnel.com/ https://munchkin.marketo.net/ https://static.ads-twitter.com/ 'unsafe-inline' http://schema.org https://*.cloudfront.net/ https://*.googletagmanager.com https://a.omappapi.com/ https://analytics.twitter.com/ https://bat.bing.com/ https://cdn.abrankings.com https://cdn.abrankings.com/ https://cdn.cookielaw.org/ https://cdn.datatables.net/ https://cdn.jsdelivr.net/ https://cdn.onesignal.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://code.jquery.com/ https://collector-5527.tvsquared.com/ https://fonts.googleapis.com/ https://go.sentinelone.com/ https://googleads.g.doubleclick.net/ https://j.6sc.co/ https://js.maxmind.com/ https://js.qualified.com/ https://onesignal.com/ https://pixel-geo.prfct.co/ https://platform-api.sharethis.com/ https://platform.twitter.com/ https://pt.ispot.tv/ https://pubads.g.doubleclick.net/ https://px.spiceworks.com/ https://script.hotjar.com/ https://scripts.demandbase.com/ https://sentinelone.com https://ssl.google-analytics.com https://staging.s1preview.com/ https://static.hotjar.com/ https://tag.marinsm.com/ https://ws.qualified.com/ https://www.clickcease.com/ https://www.google-analytics.com https://www.google-analytics.com/ https://www.google.com/* https://www.googleoptimize.com/ https://www.googletagmanager.com/ https://www.googletagmanager.com/* https://www.redditstatic.com/ https://www.vantajs.com/ https://www.youtube.com/ https://yoast.com/ https://www.google.com/ https://qualified.com/ https://www.vantajs.com/ https://js.maxmind.com/ https://cdn.onesignal.com/ https://cdn.datatables.net/ https://platform-api.sharethis.com/ https://yoast.com/ https://fonts.googleapis.com/ https://cdn.datatables.net/ https://js-agent.newrelic.com/ https://www.sentinelone.com/ https://boards.greenhouse.io/ https://ajax.cloudflare.com/ https://www.googleadservices.com/ https://bam.nr-data.net/ https://cdn.linkedin.oribi.io/ https://fr.sentinelone.com/ https://it.sentinelone.com/ https://jp.sentinelone.com/ https://de.sentinelone.com/ https://it.sentinelone.com/ https://es.sentinelone.com/ https://nl.sentinelone.com/ https://kr.sentinelone.com/ https://www.google.it/ https://www.google.co.jp/ https://www.google.de/ https://ar.sentinelone.com/ https://www.google.es/ https://www.google.fr/ https://www.google.nl/ https://sonix.ai https://bam.nr-data.net/ https://docs.google.com/ https://apis.google.com/js/api.js/ https://accounts.google.com/ https://*.googleapis.com *.google.com https://*.gstatic.com https://sheets.googleapis.com/ https://tags.srv.stackadapt.com/events.js https://js.storylane.io/ https://qvdt3feo.com/ https://javascript.heeet.io/ https://api.brightfunnel.com https://a23gjzphzj.execute-api.us-east-1.amazonaws.com/ https://geolocation.onetrust.com/ https://js-agent.newrelic.com/ https://www.gstatic.com/; frame-ancestors 'self' http://sentinelone.lookbookhq.com https://sentinelone.lookbookhq.com http://sentinelone.pathfactory.com https://sentinelone.pathfactory.com http://assets.sentinelone.com https://assets.sentinelone.com https://app.scalyr.com https://app.eu.scalyr.com localhost https://a23gjzphzj.execute-api.us-east-1.amazonaws.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=60
cf-cache-status
EXPIRED
cf-ray
881ad80f1fbebc03-FRA
content-encoding
br
content-security-policy
object-src 'none'; script-src 'unsafe-eval' https://snap.licdn.com/ https://cdn.calibermind.com/ https://a.quora.com/ https://app.cdn.lookbookhq.com/ https://connect.facebook.net/ https://ct.capterra.com/ https://ga.clearbit.com/ https://js.adsrvr.org/ https://munchkin.brightfunnel.com/ https://munchkin.marketo.net/ https://static.ads-twitter.com/ 'unsafe-inline' http://schema.org https://*.cloudfront.net/ https://*.googletagmanager.com https://a.omappapi.com/ https://analytics.twitter.com/ https://bat.bing.com/ https://cdn.abrankings.com https://cdn.abrankings.com/ https://cdn.cookielaw.org/ https://cdn.datatables.net/ https://cdn.jsdelivr.net/ https://cdn.onesignal.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://code.jquery.com/ https://collector-5527.tvsquared.com/ https://fonts.googleapis.com/ https://go.sentinelone.com/ https://googleads.g.doubleclick.net/ https://j.6sc.co/ https://js.maxmind.com/ https://js.qualified.com/ https://onesignal.com/ https://pixel-geo.prfct.co/ https://platform-api.sharethis.com/ https://platform.twitter.com/ https://pt.ispot.tv/ https://pubads.g.doubleclick.net/ https://px.spiceworks.com/ https://script.hotjar.com/ https://scripts.demandbase.com/ https://sentinelone.com https://ssl.google-analytics.com https://staging.s1preview.com/ https://static.hotjar.com/ https://tag.marinsm.com/ https://ws.qualified.com/ https://www.clickcease.com/ https://www.google-analytics.com https://www.google-analytics.com/ https://www.google.com/* https://www.googleoptimize.com/ https://www.googletagmanager.com/ https://www.googletagmanager.com/* https://www.redditstatic.com/ https://www.vantajs.com/ https://www.youtube.com/ https://yoast.com/ https://www.google.com/ https://qualified.com/ https://www.vantajs.com/ https://js.maxmind.com/ https://cdn.onesignal.com/ https://cdn.datatables.net/ https://platform-api.sharethis.com/ https://yoast.com/ https://fonts.googleapis.com/ https://cdn.datatables.net/ https://js-agent.newrelic.com/ https://www.sentinelone.com/ https://boards.greenhouse.io/ https://ajax.cloudflare.com/ https://www.googleadservices.com/ https://bam.nr-data.net/ https://cdn.linkedin.oribi.io/ https://fr.sentinelone.com/ https://it.sentinelone.com/ https://jp.sentinelone.com/ https://de.sentinelone.com/ https://it.sentinelone.com/ https://es.sentinelone.com/ https://nl.sentinelone.com/ https://kr.sentinelone.com/ https://www.google.it/ https://www.google.co.jp/ https://www.google.de/ https://ar.sentinelone.com/ https://www.google.es/ https://www.google.fr/ https://www.google.nl/ https://sonix.ai https://bam.nr-data.net/ https://docs.google.com/ https://apis.google.com/js/api.js/ https://accounts.google.com/ https://*.googleapis.com *.google.com https://*.gstatic.com https://sheets.googleapis.com/ https://tags.srv.stackadapt.com/events.js https://js.storylane.io/ https://qvdt3feo.com/ https://javascript.heeet.io/ https://api.brightfunnel.com https://a23gjzphzj.execute-api.us-east-1.amazonaws.com/ https://geolocation.onetrust.com/ https://js-agent.newrelic.com/ https://www.gstatic.com/; frame-ancestors 'self' http://sentinelone.lookbookhq.com https://sentinelone.lookbookhq.com http://sentinelone.pathfactory.com https://sentinelone.pathfactory.com http://assets.sentinelone.com https://assets.sentinelone.com https://app.scalyr.com https://app.eu.scalyr.com localhost https://a23gjzphzj.execute-api.us-east-1.amazonaws.com/;
content-type
text/html; charset=UTF-8
date
Fri, 10 May 2024 15:08:19 GMT
last-modified
Fri, 10 May 2024 13:56:47 GMT
link
<https://www.sentinelone.com/wp-json/>; rel="https://api.w.org/", <https://www.sentinelone.com/wp-json/wp/v2/posts/98295>; rel="alternate"; type="application/json", <https://www.sentinelone.com/?p=98295>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6YNItT4da2Nrx0h2D10CxyYfVp8Vcsz8E%2B%2B94oU%2FD63cG0Wk9PpbgcoYEeeGIWu%2B19gJp%2FN14wMW7kPFFmahbyI%2Bju%2FqhZB5%2Bkr2Q9XPx0ZPcwI9lGeeVEJ%2FHBw%2BzVrqwWyzxYQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding, Cookie, Cookie
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT, MISS, MISS
x-cache-hits
6, 6, 0, 0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-pantheon-styx-hostname
styx-fe2-b-54549df966-w9kkp
x-served-by
cache-chi-kigq8000085-CHI, cache-fra-etou8220120-FRA, cache-fra-eddf8230127-FRA, cache-fra-eddf8230127-FRA
x-styx-req-id
db965b82-0edd-11ef-874c-623c468fdafb
x-timer
S1715353700.754267,VS0,VE7
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 May 2024 15:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Dw6K+rTuf8kOuPIEBw1QQA==
age
66527
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6881
x-ms-lease-status
unlocked
last-modified
Wed, 08 May 2024 06:40:04 GMT
server
cloudflare
etag
0x8DC6F29B1A99C59
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0ca4e475-001e-0088-1962-a1f9b0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
881ad8100ba430d8-FRA
style-default.min.css
de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/
Redirect Chain
  • https://www.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
  • https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
476 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0022acc76fcc28bdad41e61fb778b07358511fd18c0efdb7bdd0be8ccee25c2f
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 53, 0, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:19 GMT
age
28227
x-cache
HIT, HIT, MISS, MISS
x-pantheon-styx-hostname
styx-fe2-b-54549df966-nbkfr
content-length
82648
x-served-by
cache-chi-kigq8000077-CHI, cache-fra-eddf8230082-FRA, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
last-modified
Fri, 10 May 2024 03:58:04 GMT
server
nginx
x-timer
S1715353700.914550,VS0,VE9
etag
W/"663d9b4c-76f6f"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
69f1fd81-0e9d-11ef-b444-aade0314667a
cache-control
max-age=31622400
accept-ranges
bytes
expires
Sun, 11 May 2025 07:17:52 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5gTEx5Sf0VyUXO5fgMvO6p1Wp4IXrjGn4DBiq9ev2Hgtd%2BRQ9%2FeQdNt7hiBKZPG%2FUXvLBiK5s3kz5SGkCguqaSicycgqZqo6qGPBtuIqKuJizp5RULUrtANgZc24uF08gH4%2BA9Q%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
cf-ray
881ad80fc892bc03-FRA
content-length
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.7.0/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 07:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30433
x-xss-protection
0
last-modified
Wed, 17 May 2023 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 May 2025 07:56:32 GMT
forms2.min.js
go.sentinelone.com/js/forms2/js/ 		199 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.sentinelone.com/js/forms2/js/forms2.min.js
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 23 Apr 2024 04:13:58 GMT
server
cloudflare
age
7076
etag
"15401a9-31af8-616bbc873ed80"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
881ad810cb6c6997-FRA
expires
Fri, 10 May 2024 19:08:19 GMT
qualified.js
js.qualified.com/ 		694 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.qualified.com/qualified.js?token=ZQoyHXFTqngPcfcB
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef29a38f1b923a09e72755a34d0539533546027b7a3dfd534424560619e45b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
via
1.1 spaces-router (2a9d893844a5)
strict-transport-security
max-age=63072000; includeSubDomains
cf-cache-status
MISS
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
5901b525-ba71-73ba-a525-35db1c7a2e71
pragma
no-cache
x-runtime
0.025729
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"9ef29a38f1b923a09e72755a34d05395"
x-download-options
noopen
vary
Accept,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
881ad811af559265-FRA
expires
Fri, 10 May 2024 19:08:20 GMT
js
www.googletagmanager.com/gtag/ 		311 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KJPGLC9EVP
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b9aad1643b44724cfca115231c3eff0adb5db9b5359ca4115543ff9de8956d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103718
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 May 2024 15:08:20 GMT
email-decode.min.js
www.sentinelone.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sentinelone.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 08 May 2024 09:31:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"663b4689-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfoivjCkD%2FsuexqeUzS7nOpoe2ZqBj9V7XYtt7bk%2BQnAa%2FZXL0mc5SzLgSYwK6qYFBsFJWz8qDrehu6mulvw8ly%2FLwBQX0O604cPS39MSwBhDxFVuGtLbczLviLNNyk3lFOx9QI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
881ad80fc893bc03-FRA
expires
Sun, 12 May 2024 15:08:19 GMT
Cuckoo-Stealer.jpg
de.sentinelone.com/wp-content/uploads/2024/05/
Redirect Chain
  • https://www.sentinelone.com/wp-content/uploads/2024/05/Cuckoo-Stealer.jpg
  • https://de.sentinelone.com/wp-content/uploads/2024/05/Cuckoo-Stealer.jpg
197 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/uploads/2024/05/Cuckoo-Stealer.jpg
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ec0fbc4c961bfe24455c67ed51cd4ccd360036df80bb467d0d1814a118a9229b
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 0, 1, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:19 GMT
fastly-io-served-by
img09-europe-west2
age
83190
x-cache
MISS, MISS, HIT, MISS
fastly-io-info
ifsz=1146065 idim=1200x627 ifmt=jpeg ofsz=201862 odim=1200x627 ofmt=webp
x-pantheon-styx-hostname
styx-fe2-a-6b9b845978-pkmpg
fastly-stats
io=1
content-length
201862
x-served-by
cache-ams21082-AMS, cache-ams21049-AMS, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
server
nginx
x-timer
S1715353700.914514,VS0,VE8
etag
"28hOMEhc58Pd/6sWVPLiY5eigzBDORFbXyY8iDVUPfs"
vary
Accept
content-type
image/webp
x-styx-req-id
71d00bfd-0e1d-11ef-8e81-524e986e330c
cache-control
max-age=31622400
accept-ranges
bytes
expires
Sat, 10 May 2025 16:01:49 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h80Zp5qc8p4k%2BYiTAtLnhl%2BGtcpgw0D9Tha8LrlTLHbP2Z44D6tloTjNPoawgp30O6udLp%2BFcJmhJnfxiNHSaMrPid%2Bx7RrKDYEoeUG3srZv930YD6i0HVnZgzAZznSKIt7r9zI%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/uploads/2024/05/Cuckoo-Stealer.jpg
cf-ray
881ad80fc894bc03-FRA
content-length
0
macOS_Cuckoo_1.jpg
de.sentinelone.com/wp-content/uploads/2024/05/
Redirect Chain
  • https://www.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_1.jpg
  • https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_1.jpg
62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_1.jpg
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9a1ab475b178c0f9d80a60367ad77a53ba2e5692fdd4ecac47b999f60b1b4042
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 0, 1, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:19 GMT
fastly-io-served-by
img17-europe-west2
age
82964
x-cache
MISS, MISS, HIT, MISS
fastly-io-info
ifsz=133645 idim=1067x673 ifmt=jpeg ofsz=63468 odim=1067x673 ofmt=webp
x-pantheon-styx-hostname
styx-fe2-a-6b9b845978-gdw2j
fastly-stats
io=1
content-length
63468
x-served-by
cache-ams21060-AMS, cache-ams12742-AMS, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
server
nginx
x-timer
S1715353700.914787,VS0,VE7
etag
"aHh89byYVud1fyln3NupztsOBYJ8j2Z5v+se26egJeU"
vary
Accept
content-type
image/webp
x-styx-req-id
f818812b-0e1d-11ef-bbc2-7a5f124bc1c1
cache-control
max-age=31622400
accept-ranges
bytes
expires
Sat, 10 May 2025 16:05:35 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=45U00L29LYsG0%2BzdpT6MTohwdRMDJivA%2BfBqA9C3%2Fp0DoLLDKOlJV3piTCxeY%2BRtaBe%2F6ofZrqj4Ta2l26TaKWIAU9tW4zmy%2FBS4Pu3Fnd6fa69Stg%2BRkqjkKgwcHuaeZNWa%2FkI%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_1.jpg
cf-ray
881ad80fc896bc03-FRA
content-length
0
macOS_Cuckoo_3.jpg
de.sentinelone.com/wp-content/uploads/2024/05/
Redirect Chain
  • https://www.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_3.jpg
  • https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_3.jpg
127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_3.jpg
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fb3f94fbcdc05ae7c03ee8e9abc85d95bd0730e7a58387a58bc700afb6a7eacd
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 0, 1, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:19 GMT
fastly-io-served-by
img11-europe-west2
age
82965
x-cache
MISS, MISS, HIT, MISS
fastly-io-info
ifsz=164786 idim=1999x924 ifmt=jpeg ofsz=130264 odim=1999x924 ofmt=webp
x-pantheon-styx-hostname
styx-fe2-a-6b9b845978-pkmpg
fastly-stats
io=1
content-length
130264
x-served-by
cache-ams21073-AMS, cache-ams21023-AMS, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
server
nginx
x-timer
S1715353700.914804,VS0,VE13
etag
"z3WiBTiGmu+db8fVaTBiG1Q9m9CNipfjdz7ngmb/wcU"
vary
Accept
content-type
image/webp
x-styx-req-id
f7c49e19-0e1d-11ef-8e81-524e986e330c
cache-control
max-age=31622400
accept-ranges
bytes
expires
Sat, 10 May 2025 16:05:34 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4AZug7m4EzvWYqoIyoswRf7rCNmcakoXzTtUjr8ABZN0Kfon8momVQp9ksdrECzc6WZTyYh4hd%2Ft3CvcRs7OK6SxBMXaUvpGt2fcgzaBS%2B134Lnb%2FRCdi%2FeVqx%2FXbK3N5A%2BXMzc%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_3.jpg
cf-ray
881ad80fc897bc03-FRA
content-length
0
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 15:08:20 GMT
Content-Encoding
gzip
Age
1140
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (frb/6760)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
clipboard.min.js
de.sentinelone.com/wp-includes/js/
Redirect Chain
  • https://www.sentinelone.com/wp-includes/js/clipboard.min.js?ver=2.0.11
  • https://de.sentinelone.com/wp-includes/js/clipboard.min.js?ver=2.0.11
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.sentinelone.com/wp-includes/js/clipboard.min.js?ver=2.0.11
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
700c8bd73d93522ca53cdc35e2a71e96caf7c344bc7a8391f3af90c10b917033
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 21142, 0, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
age
1453689
x-cache
MISS, HIT, MISS, MISS
x-pantheon-styx-hostname
styx-fe2-b-76f6c9d98-r6rmt
content-length
3466
x-served-by
cache-chi-klot8100072-CHI, cache-fra-eddf8230071-FRA, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
last-modified
Tue, 23 Apr 2024 10:29:14 GMT
server
nginx
x-timer
S1715353700.038340,VS0,VE6
etag
W/"66278d7a-2331"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
80bdc449-01a6-11ef-9796-86f17d95d70b
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 24 Apr 2025 19:20:10 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UTHCHg%2FRK5nHrouwIFdqyYsRZuUwUqDFXZFyA26VAxov%2BE%2BKpfzta5tBxJvLlNTkzgt7EU%2FV6cD0Y1pW6Xo1TG%2FBTHPYwm%2BY74k33fA9hbZsfVnQomKZQiHfL%2Bex%2F9JERhH%2F7bw%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-includes/js/clipboard.min.js?ver=2.0.11
cf-ray
881ad810c9d1bc03-FRA
content-length
0
global.min.js
de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/js/
Redirect Chain
  • https://www.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/js/global.min.js?ver=1715325463
  • https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/js/global.min.js?ver=1715325463
28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/js/global.min.js?ver=1715325463
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96813316bbd0571b81a311f40a331ee85707f1f7b78354644a884aa87dfc28bb
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 123, 0, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
age
28228
x-cache
HIT, HIT, MISS, MISS
x-pantheon-styx-hostname
styx-fe2-b-54549df966-s5lj6
content-length
10446
x-served-by
cache-chi-klot8100129-CHI, cache-fra-etou8220097-FRA, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
last-modified
Fri, 10 May 2024 07:17:43 GMT
server
nginx
x-timer
S1715353700.104246,VS0,VE7
etag
W/"663dca17-71ca"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
69f26773-0e9d-11ef-bea0-922eaa053744
cache-control
max-age=31622400
accept-ranges
bytes
expires
Sun, 11 May 2025 07:17:52 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsFRb7FJ0gWZQwdxYuZmxZFpLHu66QfJX%2Fodygcii3pyosUJ6r7G6lQCMux7VZpf70wpwxINpI7lRh%2F6Xq%2BdUGjn7i5jE2pUVKK3QerTGIyvFfys%2BoqcLmvrPJ0Vj57sFIq9yms%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/js/global.min.js?ver=1715325463
cf-ray
881ad8112a2ebc03-FRA
content-length
0
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1529
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
881ad811796e365c-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 13 May 2024 15:08:20 GMT
ABCWhytePlusVariable.woff2
de.sentinelone.com/wp-content/themes/sentinelone/assets/fonts/whyte/
Redirect Chain
  • https://www.sentinelone.com/wp-content/themes/sentinelone/assets/fonts/whyte/ABCWhytePlusVariable.woff2
  • https://de.sentinelone.com/wp-content/themes/sentinelone/assets/fonts/whyte/ABCWhytePlusVariable.woff2
242 KB
242 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://de.sentinelone.com/wp-content/themes/sentinelone/assets/fonts/whyte/ABCWhytePlusVariable.woff2
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
67418e79f1c8689e34cd9c68f1d5300f627d85e59c22d70abf8cde80b02067b9
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 36, 0, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:19 GMT
age
1402891
x-cache
MISS, HIT, MISS, MISS
x-pantheon-styx-hostname
styx-fe2-b-76f6c9d98-q8wht
content-length
247460
x-served-by
cache-chi-kigq8000040-CHI, cache-fra-eddf8230037-FRA, cache-fra-eddf8230031-FRA, cache-fra-eddf8230031-FRA
last-modified
Tue, 23 Apr 2024 13:39:21 GMT
server
nginx
x-timer
S1715353700.914826,VS0,VE5
etag
"6627ba09-3c6a4"
content-type
font/woff2
access-control-allow-origin
*
x-styx-req-id
80bee4bd-01a6-11ef-be4d-5ebfcd969e79
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 24 Apr 2025 19:20:10 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBKc8S%2Bqw9PRjwai5ew5PrEol%2BHYCeoGollpLCzenTMlvppg2IwPvQeG1SnvvBXU04aGvN7cFQmkTobFP0M31FqNrBY1fex%2BFSI0tSc1fgPcdQgpMTIElTW6icgVzMUkMyQXmJc%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/themes/sentinelone/assets/fonts/whyte/ABCWhytePlusVariable.woff2
cf-ray
881ad80fc89abc03-FRA
content-length
0
gtm.js
www.googletagmanager.com/ 		394 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb6c2bc580b14f87667a93f96cc7644b5c69e70087ae9b7a38fc9ea239d35cc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
121875
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 May 2024 15:08:20 GMT
truncated
/ 		115 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
758b336b8291c58c944b1d40afd4469609c946ac427f33baac4ea0d5c2ed6fdd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		115 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3a2f8ef206c54e505719cbdfe2f7c5732d80d4e01ab277b2f869acb3d062497

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		116 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08d80a196fd16e446bb1d5c7e94adf0b719406286686ab3606e0e49a1dc122d9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		118 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4f218c257c82336bf1cb04a93e22a83077bd037a3e1c2328f191bf3b1c0b62d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		117 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6bfc62c8e653fb944b2a6937d2822241c304fa49bbe90ede334a582385f47e1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
getForm
go.sentinelone.com/index.php/form/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.sentinelone.com/index.php/form/getForm?munchkinId=327-MNM-087&form=1985&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&callback=jQuery37106582582808149604_1715353700030&_=1715353700031
Requested by
Host: go.sentinelone.com
URL: https://go.sentinelone.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b7f9e41f489447409cbfa2d1baac1ed34bc4210077fae833b005ec9d783da4d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
server
cloudflare
cf-ray
881ad8115c266997-FRA
cached
true
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
globe-light.svg
de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/ 		729 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/globe-light.svg
Requested by
Host: de.sentinelone.com
URL: https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f784bdae89887d6c9a1d2452ca83d2444ff4d4a12a1a2484ab2ff6b370912408
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 16023, 0, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
age
1453657
x-cache
MISS, HIT, MISS, MISS
x-pantheon-styx-hostname
styx-fe2-a-7d9c76749d-t244p
content-length
295
x-served-by
cache-chi-kigq8000042-CHI, cache-fra-eddf8230055-FRA, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
last-modified
Mon, 22 Apr 2024 20:10:43 GMT
server
nginx
x-timer
S1715353700.062892,VS0,VE9
etag
W/"6626c443-2d9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
938e06b9-01a6-11ef-93c2-66bc493bf3ef
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 24 Apr 2025 19:20:42 GMT
navigation-arrow-down-light.svg
de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/ 		663 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/navigation-arrow-down-light.svg
Requested by
Host: de.sentinelone.com
URL: https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1c483a1caf094b8e3a922a5773e342df31d68ef351f6b35af4bbac9dd0aefcdd
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 1900, 0, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
age
1234323
x-cache
MISS, HIT, MISS, MISS
x-pantheon-styx-hostname
styx-fe2-a-7d9c76749d-958gw
content-length
347
x-served-by
cache-chi-kigq8000134-CHI, cache-fra-etou8220069-FRA, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
last-modified
Mon, 22 Apr 2024 20:10:48 GMT
server
nginx
x-timer
S1715353700.062907,VS0,VE11
etag
W/"6626c448-297"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
938dc0eb-01a6-11ef-80ce-e254c33687fc
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 24 Apr 2025 19:20:42 GMT
amazon_polly_icon.svg
de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/amazon_polly_icon.svg
Requested by
Host: de.sentinelone.com
URL: https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
181fa10be49f875d78816391e202c05f90be6b0d5597edc25f524b1183e434e6
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 828, 0, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
age
1452791
x-cache
HIT, HIT, MISS, MISS
x-pantheon-styx-hostname
styx-fe2-a-7d9c76749d-pdmmh
content-length
884
x-served-by
cache-chi-kigq8000171-CHI, cache-fra-etou8220090-FRA, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
last-modified
Tue, 23 Apr 2024 11:47:15 GMT
server
nginx
x-timer
S1715353700.066187,VS0,VE8
etag
W/"66279fc3-757"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
98351ce6-01a8-11ef-a8ed-1a178840db6b
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 24 Apr 2025 19:35:09 GMT
truncated
/ 		382 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
search-icon-white.svg
de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/ 		681 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/search-icon-white.svg
Requested by
Host: de.sentinelone.com
URL: https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5466092ef0deb16007dc2e8e61eb345b380ab6663bd3ef41808ffb7360abd61a
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/css/style-default.min.css?ver=1715325463
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 212, 0, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
age
1453598
x-cache
MISS, HIT, MISS, MISS
x-pantheon-styx-hostname
styx-fe2-a-7d9c76749d-8xjxc
content-length
385
x-served-by
cache-chi-kigq8000120-CHI, cache-fra-etou8220133-FRA, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
last-modified
Mon, 22 Apr 2024 20:10:48 GMT
server
nginx
x-timer
S1715353700.068597,VS0,VE6
etag
W/"6626c448-2a9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
b6de17fa-01a6-11ef-8a70-9e3798d317dd
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 24 Apr 2025 19:21:41 GMT
getForm
go.sentinelone.com/index.php/form/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.sentinelone.com/index.php/form/getForm?munchkinId=327-MNM-087&form=2816&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&callback=jQuery37106582582808149604_1715353700032&_=1715353700033
Requested by
Host: go.sentinelone.com
URL: https://go.sentinelone.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2444b597dd4b430d0bd2c3c2813a4d4f73170653dd61ef8fe0d135f79a8364a2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
server
cloudflare
cf-ray
881ad811ac696997-FRA
cached
true
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
truncated
/ 		180 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		354 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/js/global.min.js?ver=1715325463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
866b0dff742f52c8ce72fb6793882fdc9cc16fa9dca416168e8ee33acac4199d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 10 May 2024 15:08:20 GMT
macOS_Cuckoo_2.jpg
de.sentinelone.com/wp-content/uploads/2024/05/
Redirect Chain
  • https://www.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_2.jpg
  • https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_2.jpg
18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_2.jpg
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
872a3503128739331021f36e3b4a8fc58ec8503fe67be7c08549be5c64aa7bd4
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 0, 1, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
fastly-io-served-by
img03-europe-west2
age
82965
x-cache
MISS, MISS, HIT, MISS
fastly-io-info
ifsz=40544 idim=811x240 ifmt=jpeg ofsz=18918 odim=811x240 ofmt=webp
x-pantheon-styx-hostname
styx-fe2-a-6b9b845978-pkmpg
fastly-stats
io=1
content-length
18918
x-served-by
cache-ams21056-AMS, cache-ams12723-AMS, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
server
nginx
x-timer
S1715353700.221157,VS0,VE6
etag
"1V8bG0gK7b4cFFE/tMUkFLdn4PNEujFrSBUuoR48fCw"
vary
Accept
content-type
image/webp
x-styx-req-id
f7e51464-0e1d-11ef-8e81-524e986e330c
cache-control
max-age=31622400
accept-ranges
bytes
expires
Sat, 10 May 2025 16:05:34 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QMy9HmD0cjjd4o2n8F%2B7I4mtALTdXJBlTtenBiauw3qDp1%2FMDGhyyb16jQDiNBPi%2FRYaKXu2%2BzqVdBSO5Z67HShGHCj7D0twfEOb2iQQhc%2B%2BmdGaTHZq%2FdWusueM20iuQ%2B5MowY%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_2.jpg
cf-ray
881ad811fb50bc03-FRA
content-length
0
macOS_Cuckoo_4.jpg
de.sentinelone.com/wp-content/uploads/2024/05/
Redirect Chain
  • https://www.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_4.jpg
  • https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_4.jpg
70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_4.jpg
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4d1f93cda14403c94609665f70d444549da2b4971c55a155cd74de0a230e3404
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 0, 1, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
fastly-io-served-by
img10-europe-west2
age
82964
x-cache
MISS, MISS, HIT, MISS
fastly-io-info
ifsz=143922 idim=1999x1051 ifmt=jpeg ofsz=72052 odim=1999x1051 ofmt=webp
x-pantheon-styx-hostname
styx-fe2-a-6b9b845978-nmnnw
fastly-stats
io=1
content-length
72052
x-served-by
cache-ams21066-AMS, cache-ams21050-AMS, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
server
nginx
x-timer
S1715353700.224237,VS0,VE5
etag
"OJ1jWvwvtMSMKQ5Yg6QFQZu+3/JT04D8wghVtAWlVTU"
vary
Accept
content-type
image/webp
x-styx-req-id
f7f648d6-0e1d-11ef-8d21-1e95e6f28690
cache-control
max-age=31622400
accept-ranges
bytes
expires
Sat, 10 May 2025 16:05:34 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbveaKFE4h0UM1wXjj7V682ZpYTQm3j8hVmWXry6B%2FXA%2BM2sM%2Fhs8eeKNfDcmzieXw4p4qufVS%2FuQvVnsR0dLmXI4Q%2BVjcgLsW8IxwI74A0JCuNxsKUI0Ceohd4at9EUu8YVQPE%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_4.jpg
cf-ray
881ad811fb53bc03-FRA
content-length
0
macOS_Cuckoo_7.jpg
de.sentinelone.com/wp-content/uploads/2024/05/
Redirect Chain
  • https://www.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_7.jpg
  • https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_7.jpg
99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_7.jpg
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b15f8a133a7adb5cc03798e9343844e2538879f9915e18353c05ef7b112317bb
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 0, 1, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
fastly-io-served-by
img07-europe-west2
age
82964
x-cache
MISS, MISS, HIT, MISS
fastly-io-info
ifsz=164321 idim=1999x1094 ifmt=jpeg ofsz=101730 odim=1999x1094 ofmt=webp
x-pantheon-styx-hostname
styx-fe2-a-6b9b845978-zs9j9
fastly-stats
io=1
content-length
101730
x-served-by
cache-ams21027-AMS, cache-ams12764-AMS, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
server
nginx
x-timer
S1715353700.223220,VS0,VE18
etag
"zZpY+qgGEUwVZJ5FMxRhv+95yMQSngS0eA5mO9qUJEY"
vary
Accept
content-type
image/webp
x-styx-req-id
f7e80422-0e1d-11ef-8afa-6a599f7f596a
cache-control
max-age=31622400
accept-ranges
bytes
expires
Sat, 10 May 2025 16:05:34 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67zp1vuV09wJEEbVxNnPK9mEVRHDErmNeVrMdXKsMK6%2BCWe%2FOJnUnCzv0IBpUq0RlH%2Byt%2FKkDJeouioV%2FKW1FdsIw5Uz2PmP47IBENkVSPmGVKyJGIOwZwkCpuTyEwOCA32uRTg%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/uploads/2024/05/macOS_Cuckoo_7.jpg
cf-ray
881ad811fb58bc03-FRA
content-length
0
Screenshot-2024-05-09-at-5.33.23%E2%80%AFPM.jpg
de.sentinelone.com/wp-content/uploads/2024/05/
Redirect Chain
  • https://www.sentinelone.com/wp-content/uploads/2024/05/Screenshot-2024-05-09-at-5.33.23%E2%80%AFPM.jpg
  • https://de.sentinelone.com/wp-content/uploads/2024/05/Screenshot-2024-05-09-at-5.33.23%E2%80%AFPM.jpg
92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/uploads/2024/05/Screenshot-2024-05-09-at-5.33.23%E2%80%AFPM.jpg
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aac979264878167cd10ce8857a4592ad740228df806af563b8ecb30c143be0c0
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 1, 1, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
fastly-io-served-by
img03-europe-west2
age
80546
x-cache
MISS, HIT, HIT, MISS
fastly-io-info
ifsz=199828 idim=2494x314 ifmt=jpeg ofsz=94610 odim=2494x314 ofmt=webp
x-pantheon-styx-hostname
styx-fe2-b-54549df966-hp5v5
fastly-stats
io=1
content-length
94610
x-served-by
cache-ams21033-AMS, cache-ams12772-AMS, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
server
nginx
x-timer
S1715353700.217741,VS0,VE5
etag
"w3ed98x0ZENha4vogqOZeCJm4J1u3wfKygmYXns7I5w"
vary
Accept
content-type
image/webp
x-styx-req-id
994ae32f-0e23-11ef-b0cf-3a3246d715c2
cache-control
max-age=31622400
accept-ranges
bytes
expires
Sat, 10 May 2025 16:45:53 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5N%2BcNLAk1xMq2B12OSk5pbds2XxcdFJZ9pgDZXG0CBYCiNcg33aooel1WuCTikT3PySouZLpLL8AZUo27h0osKD8U%2FYucIXt54CLLCaergHKvfmNZo%2BR0yEvYCJdOWR4KJB4rCU%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/uploads/2024/05/Screenshot-2024-05-09-at-5.33.23%E2%80%AFPM.jpg
cf-ray
881ad8120b62bc03-FRA
content-length
0
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
101
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
881ad8120a14365c-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 13 May 2024 15:08:20 GMT
search-icon.svg
de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/
Redirect Chain
  • https://www.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/search-icon.svg
  • https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/search-icon.svg
681 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/search-icon.svg
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
516cbc569d4e8f15ac7917f186a911d85fd0aaca2d0ca074a6583e95486af856
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 907, 0, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
age
1453599
x-cache
MISS, HIT, MISS, MISS
x-pantheon-styx-hostname
styx-fe2-b-76f6c9d98-8pj5p
content-length
385
x-served-by
cache-chi-klot8100085-CHI, cache-fra-eddf8230085-FRA, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
last-modified
Tue, 23 Apr 2024 11:47:15 GMT
server
nginx
x-timer
S1715353700.230298,VS0,VE7
etag
W/"66279fc3-2a9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
b6e038a5-01a6-11ef-a88f-32e589a1b447
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 24 Apr 2025 19:21:41 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ouXyt1ttbYHTWAmesGurzCByh65dkMaAQ6fCB%2FsGWr8mlJp%2BX%2B95qYrOhMiGKBj2YHRyYpLNdiBSemFz08L%2FVKOfazWe8ZIwxFxVHxSZMLloaub%2BswsRTREyM4332hSDx7X3H5A%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/themes/sentinelone/carbine/assets/svg/search-icon.svg
cf-ray
881ad8120b69bc03-FRA
content-length
0
header-logo-dark.svg
de.sentinelone.com/wp-content/themes/sentinelone/assets/svg/
Redirect Chain
  • https://www.sentinelone.com/wp-content/themes/sentinelone/assets/svg/header-logo-dark.svg
  • https://de.sentinelone.com/wp-content/themes/sentinelone/assets/svg/header-logo-dark.svg
7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/themes/sentinelone/assets/svg/header-logo-dark.svg
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
19661b2f8ca108e51a5adafd6d4658cc410934e96162dbe5c41e80d1892606d8
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 20279, 0, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
age
1453656
x-cache
MISS, HIT, MISS, MISS
x-pantheon-styx-hostname
styx-fe2-b-76f6c9d98-ndzbw
content-length
2616
x-served-by
cache-chi-kigq8000126-CHI, cache-fra-eddf8230138-FRA, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
last-modified
Tue, 23 Apr 2024 10:29:12 GMT
server
nginx
x-timer
S1715353700.229638,VS0,VE7
etag
W/"66278d78-1b4b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
94a72952-01a6-11ef-82f3-e206b9b98bf6
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 24 Apr 2025 19:20:44 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ewE%2B%2B%2B7VltJkuqc2l1PrUHMYBV0hkvqB5lOE5D6kfMWmhrJ%2BFhzpbT9eSriDGSbdaGUuFCNp03QmXRHAi6oziu%2FQopmI0cTvufb5mJTOP5%2FXz26jM3lgbX3A8Qdi%2FE2TM0cuEs%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/themes/sentinelone/assets/svg/header-logo-dark.svg
cf-ray
881ad8120b6abc03-FRA
content-length
0
cuckoo_ftr.jpg
de.sentinelone.com/wp-content/uploads/2024/05/
Redirect Chain
  • https://www.sentinelone.com/wp-content/uploads/2024/05/cuckoo_ftr.jpg
  • https://de.sentinelone.com/wp-content/uploads/2024/05/cuckoo_ftr.jpg
176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.sentinelone.com/wp-content/uploads/2024/05/cuckoo_ftr.jpg
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1b4ba7b003f9bb746a13fb8a96dc7a3120d0cea2ec46c6875d9f4ef1522fc1a3
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 0, 1, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:20 GMT
fastly-io-served-by
img07-europe-west2
age
82894
x-cache
MISS, MISS, HIT, MISS
fastly-io-info
ifsz=1072213 idim=1200x627 ifmt=jpeg ofsz=179752 odim=1200x627 ofmt=webp
x-pantheon-styx-hostname
styx-fe2-b-54549df966-qlrb4
fastly-stats
io=1
content-length
179752
x-served-by
cache-ams21029-AMS, cache-ams21020-AMS, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
server
nginx
x-timer
S1715353700.229644,VS0,VE6
etag
"wdi48SqCzUUa2N23A+A22K11m10KQsGizO5e4qbyX6U"
vary
Accept
content-type
image/webp
x-styx-req-id
228537e5-0e1e-11ef-9b9f-da4a8630ffe4
cache-control
max-age=31622400
accept-ranges
bytes
expires
Sat, 10 May 2025 16:06:46 GMT

Redirect headers

date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XvCVMSHVsd4bZ%2BKeungB6V1%2Bb0sr8hk3D1LbWFIEhV4M0bMUd4uke%2BgM9aDkeq9LzUC4uvmrExFwqe%2B8E0PV4oPagWSV9SbZOeKOxAwlxXwScnsedBfUG5MJuokq531KopbL7Cg%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/uploads/2024/05/cuckoo_ftr.jpg
cf-ray
881ad8120b6cbc03-FRA
content-length
0
02ad5672-6494-4b20-a5ae-7d131a0f4f9c.json
cdn.cookielaw.org/consent/02ad5672-6494-4b20-a5ae-7d131a0f4f9c/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/02ad5672-6494-4b20-a5ae-7d131a0f4f9c/02ad5672-6494-4b20-a5ae-7d131a0f4f9c.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7d5a19dfabdad67ba04b94aa9ddc33949f2a48c0c129dd7eeb279a1b0d9a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
60777
content-md5
Q4lbQxkIMy1cBsX0P1bleA==
content-length
1699
x-ms-lease-status
unlocked
last-modified
Wed, 27 Mar 2024 21:09:56 GMT
server
cloudflare
etag
0x8DC4EA241752AC3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
abc40f02-001e-003f-2a8b-80f120000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
881ad8125c0e975d-FRA
expires
Sat, 11 May 2024 15:08:20 GMT
forms2.css
go.sentinelone.com/js/forms2/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.sentinelone.com/js/forms2/css/forms2.css
Requested by
Host: go.sentinelone.com
URL: https://go.sentinelone.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 23 Apr 2024 04:13:58 GMT
server
cloudflare
age
2882
etag
"5807fb-3437-616bbc873ed80"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
881ad8124d0a6997-FRA
content-length
2623
expires
Fri, 10 May 2024 19:08:20 GMT
forms2-theme-plain.css
go.sentinelone.com/js/forms2/css/ 		828 B
335 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.sentinelone.com/js/forms2/css/forms2-theme-plain.css
Requested by
Host: go.sentinelone.com
URL: https://go.sentinelone.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 23 Apr 2024 04:13:58 GMT
server
cloudflare
age
4396
etag
"15401a2-33c-616bbc873ed80"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
881ad8124d0d6997-FRA
content-length
246
expires
Fri, 10 May 2024 19:08:20 GMT
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 9CE4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.sentinelone.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
4014458
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Fri, 10 May 2024 15:08:20 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C0)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
web
onesignal.com/api/v1/sync/acaf2329-c613-4dbe-a651-1ed5a45c3762/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/acaf2329-c613-4dbe-a651-1ed5a45c3762/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
758f280e266e032691b3ddd5126fc6a0a5256199028f71ddc40a7c211684aaa9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1798
cf-polished
origSize=3446
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
66c5326f-d23c-44d5-add0-c0278555b6ba
x-runtime
0.033649
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"6b51f4b913350f04245c143d2f9ad4b8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
881ad8129ad1365c-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 10 May 2024 16:08:20 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept
application/json
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
881ad812f9c99101-FRA
access-control-allow-headers
Content-Type
collect
region1.analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KJPGLC9EVP&gtm=45je4580v889850326za200&_p=1715353700036&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=736692733.1715353700&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715353700&sct=1&seg=0&dl=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&dt=macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=677
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KJPGLC9EVP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sentinelone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KJPGLC9EVP&cid=736692733.1715353700&gtm=45je4580v889850326za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KJPGLC9EVP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sentinelone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KJPGLC9EVP&cid=736692733.1715353700&gtm=45je4580v889850326za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1930067740
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ 		260 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-970186784&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f849b77f042b8b076bfed5acabcf703274242c8ec9eb10ffba9115ba9a18018a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91528
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 May 2024 15:08:20 GMT
hotjar-2714452.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2714452.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-117.muc50.r.cloudfront.net
Software
/
Resource Hash
e9f698755ba159787b6d5cdbb49a282aabcf10e099b041f861983d27ac57466e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 10 May 2024 15:08:20 GMT
via
1.1 c414bd1a4ce7ace94cbfdfa8efcbe5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/6d85b69422114bf3510d4fccef3f003c
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
_5wGa6K7NDpDV2Zn2Us-0sOHNwgDdacIfhiP0fnVaftKCxAAbVU3vg==
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 10 May 2024 15:08:19 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CB0B6A0012D3410982DF7B0D1F379394 Ref B: FRA31EDGE0107 Ref C: 2024-05-10T15:08:20Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.137.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-137-224.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 15:08:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 01:24:48 GMT
Server
AkamaiNetStorage
ETag
"cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
729
insight.min.js
snap.licdn.com/li.lms-analytics/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a42b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 17:20:18 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=59863
accept-ranges
bytes
content-length
16683
qevents.js
a.quora.com/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.quora.com/qevents.js
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
x-amz-version-id
jrgqQn59BHyNBJEhUqaibHl1Lk06.AzO
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
M04HPBTPY5GDBBF5
age
3706475
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Tl+NCrT4/ROq8BOB/jXEFbjekr+B/799PB4hsh4cPaz8GcT19YQzaMe+k+f+IJxKpv7tKCeNqoQ=
last-modified
Thu, 28 Mar 2024 17:33:19 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:87b5ecaafd0e88097cbbb1bbb7695fe9
etag
W/"87b5ecaafd0e88097cbbb1bbb7695fe9"
vary
Accept-Encoding
content-type
text/plain
cache-control
public, max-age=14400
cf-ray
881ad81339b79106-FRA
expires
Fri, 10 May 2024 19:08:20 GMT
client.js
cdn.abrankings.com/js/ 		0
0
6si.min.js
j.6sc.co/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 May 2024 06:01:25 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"663c66b5-106b3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
18038
expires
Fri, 10 May 2024 15:08:20 GMT
js
www.googletagmanager.com/gtag/ 		205 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-13115870
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2eb2453a3c24a22b40fcf68f171640c9ef53196308130199c9d4f2c1b2ab6cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75616
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 May 2024 15:08:20 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220049-FRA
a.js
cdn.calibermind.com/ 		213 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.calibermind.com/a.js
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0647d8975d5c92ea700e635befca523c5aac18754b8454d954909fe070e68cc
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
34715
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Oct 2023 19:21:52 GMT
server
cloudflare
etag
W/"651dbb50-354c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WL%2FIISo7HXSts4lQER99C81n9iD4eH1fukJnYIzczudr%2FIexXpTf%2Fx4vcgFI6Pt4K8WHo35xZLAgwQ6MPjoVkWm%2FRww3RDtDJtr6iFLS2yBnoo3C8aPMPjzvT7CBlig99RNy9cyX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400, stale-if-error=3600
cf-ray
881ad813beeb5d9e-FRA
priority
u=3,i=?0
identifyEmail.latest.js
cdn.calibermind.com/js/ 		838 B
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.calibermind.com/js/identifyEmail.latest.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
62422
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Oct 2023 19:24:01 GMT
server
cloudflare
etag
W/"651dbbd1-346"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=do4g2C4b9s1gpaNUhdgl7J3S5hzbc55od4aCNVzaaMwu7roIlFaKa2C%2FKpuBho9cdUnr4bKoLzOP88dxTUbHVOtTRKD74YuKs26XrQVhQcluGXjH99m8P5RGvt8yY6FqPm9QWqgN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400, stale-if-error=3600
cf-ray
881ad813beea5d9e-FRA
priority
u=3,i=?0
events.js
tags.srv.stackadapt.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.68.133.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-133-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
54d2f840623ce5564e4a10f2716abf7d80227a6ce864da1f9cb73a732453ab75

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Fri, 10 May 2024 15:08:20 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
/
attr.ml-api.io/
Redirect Chain
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.sentinelone.com%26pId%3d%24UID
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.sentinelone.com%26pId%3d%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.sentinelone.com%2526pId%253d%2524UID
  • https://attr.ml-api.io/?domain=www.sentinelone.com&pId=1947188242503928270
4 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attr.ml-api.io/?domain=www.sentinelone.com&pId=1947188242503928270
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
2600:9000:26db:7200:5:7a81:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Fri, 10 May 2024 15:08:21 GMT
via
1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
content-type
application/json
alt-svc
h3=":443"; ma=86400
content-length
4
apigw-requestid
Xj2_5iCuIAMEZug=
x-amz-cf-id
1ZtvuRrNenRvkAz-m-lStV-NQ-rdMFJOJZcEA-waEXT5kj6xp72KWQ==

Redirect headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:21 GMT
an-x-request-uuid
99ca7f16-109c-44b0-8341-2d5a5098a32f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://attr.ml-api.io/?domain=www.sentinelone.com&pId=1947188242503928270
x-proxy-origin
217.114.218.29; 217.114.218.29; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rt
tags.srv.stackadapt.com/ 		43 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.srv.stackadapt.com/rt?sid=DIQlrAikIjHHohfyFxzIrn
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.68.133.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-133-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-length
43
content-type
image/gif
XDFrame
go.sentinelone.com/index.php/form/ Frame 91FB 		2 KB
872 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.sentinelone.com/index.php/form/XDFrame
Requested by
Host: go.sentinelone.com
URL: https://go.sentinelone.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d117a5cdaf7b8aa3bc5ff1abeec0e1d98b834782d49f34260c4e1ecc7ec4c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
881ad8133e416997-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 10 May 2024 15:08:20 GMT
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
www-widgetapi.js
www.youtube.com/s/player/17fd9675/www-widgetapi.vflset/ 		215 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/17fd9675/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07cd8a0ea2b5b9fa0845c4f3a17ba1c634b7404c92f8c18012a8d933f59f26a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 07:20:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
28087
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68217
x-xss-protection
0
last-modified
Wed, 08 May 2024 04:20:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 10 May 2025 07:20:13 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.23.0/ 		312 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
joMckLq8BtEunD8NH/4XVA==
age
36549
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
76366
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:58 GMT
server
cloudflare
etag
0x8D96DBF6CBEE741
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
80748953-a01e-009f-3baa-377581000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
881ad81348cb30d8-FRA
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1529
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
881ad8134bac365c-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 09 Jun 2024 15:08:20 GMT
pixel
q.quora.com/_/ad/ea333f827b114f8cb49ce787666ea90b/ 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/ea333f827b114f8cb49ce787666ea90b/pixel?j=1&u=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&tag=ViewContent&ts=1715353700406
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.112.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-112-67.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 15:08:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Server
nginx
Connection
keep-alive
Content-Length
43
X-Q-Stat
,91e645ad2daf4daf49b1a4e10498c4f8,10.0.0.179,52192,217.114.218.29,,238150013555,1,1715353700.874,0.003,,.,0,0,0.000,0.000,-,0,0,203,280,140,10,34729,,,,,,-,
Content-Type
image/gif
icon
onesignal.com/api/v1/apps/acaf2329-c613-4dbe-a651-1ed5a45c3762/ 		240 B
791 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/acaf2329-c613-4dbe-a651-1ed5a45c3762/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c30dc39ff7449779c568ff4e90c170f01eae00486dc5b5e6595656d0c517439a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
632ecad6-c5f9-471b-bd02-190c6cd95413
x-runtime
0.012564
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"c30dc39ff7449779c568ff4e90c170f0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
881ad813c86b8fe0-FRA
access-control-allow-headers
SDK-Version
en.json
cdn.cookielaw.org/consent/02ad5672-6494-4b20-a5ae-7d131a0f4f9c/018e81a2-4125-7625-a354-d74d0a8e4016/ 		76 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/02ad5672-6494-4b20-a5ae-7d131a0f4f9c/018e81a2-4125-7625-a354-d74d0a8e4016/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04961ad8b8691ebfb253f2ba8895f496caf100e6b4824dd1cb74a7adc3132c7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
56316
content-md5
sNb/ta4G8aiOrYPaDVjjrg==
content-length
17292
x-ms-lease-status
unlocked
last-modified
Wed, 27 Mar 2024 21:09:59 GMT
server
cloudflare
etag
0x8DC4EA2432AFE79
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3e25d2e3-a01e-0044-4c8b-80b3bc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
881ad813ad9a975d-FRA
expires
Sat, 11 May 2024 15:08:20 GMT
134618848.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/134618848.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 10 May 2024 15:08:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5E64F59F89CD478A954D3E2CC713C3F5 Ref B: FRA31EDGE0107 Ref C: 2024-05-10T15:08:20Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=134618848&tm=gtm002&Ver=2&mid=aa4ade35-e5e6-41a3-8bac-39014928df71&sid=2347db700edf11efbc09f79b5cfe478f&vid=2347f0500edf11ef90c42f32a7c71ed2&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge&p=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&r=&lt=536&evt=pageLoad&sv=1&rn=72213
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 10 May 2024 15:08:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ACEBB397EF034ACFAAE2C1EA792DFF87 Ref B: FRA31EDGE0107 Ref C: 2024-05-10T15:08:20Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.1a30a0a67c3c23c13060.js
script.hotjar.com/ 		221 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.1a30a0a67c3c23c13060.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2714452.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-76.muc50.r.cloudfront.net
Software
/
Resource Hash
6a22634f79988e2d27b3207f1b854001e840bc838901e419afcc287873f0cf4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 11:24:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
272654
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55860
last-modified
Tue, 07 May 2024 11:23:47 GMT
etag
"2fd6012f850b43dfffc8cb9291fc5153"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ywNW8OQWPuPuw2wpyG--NMaaBslvRbhebYiYKDLaqHJKypw7cwhXxg==
munchkin.js
munchkin.marketo.net/163/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/163/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.137.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-137-224.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 15:08:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Jan 2023 02:26:40 GMT
Server
AkamaiNetStorage
ETag
"ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4741
Expires
Sun, 18 Aug 2024 15:08:20 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
r7t3xbAZ3QK/7lQuu5X7ww==
age
66287
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2950
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:51 GMT
server
cloudflare
etag
0x8D96DBF68EC8D5B
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
90ecba25-001e-004d-0b95-13f66f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
881ad8140dff975d-FRA
otPcPanel.json
cdn.cookielaw.org/scripttemplates/6.23.0/assets/v2/ 		47 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/v2/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49f1fe168324ed0f76fbbab536b991c992296cd48da5ce9dd8bc8ea55e2ef946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
57AUyP21eMxOiwzpGGh99A==
age
32957
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11457
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:53 GMT
server
cloudflare
etag
0x8D96DBF6A0C163B
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9c3c350b-301e-009d-5fc7-7ccb39000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
881ad8140e01975d-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Ye6OeZcNyuFoWog7CYs00A==
age
64899
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:12:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
a9309aac-401e-0073-082e-0d6110000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
881ad8140e04975d-FRA
forms2.min.js
go.sentinelone.com/js/forms2/js/ Frame 91FB 		199 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://go.sentinelone.com/js/forms2/js/forms2.min.js
Requested by
Host: go.sentinelone.com
URL: https://go.sentinelone.com/index.php/form/XDFrame
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://go.sentinelone.com/index.php/form/XDFrame
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 23 Apr 2024 04:13:58 GMT
server
cloudflare
age
7076
etag
"15401a9-31af8-616bbc873ed80"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
881ad810cb6c6997-FRA
expires
Fri, 10 May 2024 19:08:19 GMT
/
www.googleadservices.com/pagead/conversion/970186784/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/970186784/?random=1715353700486&cv=11&fst=1715353700486&bg=ffffff&guid=ON&async=1&gtm=45be4580v890159661z871208095za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&label=P7U6CJqLydsBEKDAz84D&hn=www.googleadservices.com&frm=0&tiba=macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1779142245.1715353700&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-970186784&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
5b5491383bd689decc7da9e2ed4d6fee3ea6507572f4cf9e6ffa15e1a648847a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1714
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CMTH9L-ug4YDFahXHgIdkwIEhQ;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=1779142245.1715353700;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Ch...
13115870.fls.doubleclick.net/ Frame EDFF
Redirect Chain
  • https://13115870.fls.doubleclick.net/activityi;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=1779142245.1715353700;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%252...
  • https://13115870.fls.doubleclick.net/activityi;dc_pre=CMTH9L-ug4YDFahXHgIdkwIEhQ;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=1779142245.1715353700;uaa=x86;uab=64;uafvl=Chro...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://13115870.fls.doubleclick.net/activityi;dc_pre=CMTH9L-ug4YDFahXHgIdkwIEhQ;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=1779142245.1715353700;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4580v9135076156za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-13115870
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 May 2024 15:08:20 GMT
expires
Fri, 10 May 2024 15:08:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 May 2024 15:08:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://13115870.fls.doubleclick.net/activityi;dc_pre=CMTH9L-ug4YDFahXHgIdkwIEhQ;src=13115870;type=pagev0;cat=reque0;ord=%5BSessionID%5D;npa=1;auiddc=1779142245.1715353700;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4580v9135076156za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
px4.ads.linkedin.com/collect/
Redirect Chain
  • https://px.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif
  • https://px.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Fpid%3D432890%26conversionId%3D2402852%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue
  • https://px.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQIFYj0_hc9yMwAAAY9jDEs4bxZYptTwFl_nKsl1_7ezgcz3pjrYMkcY9neQHZOhcstJj5mJLTbb
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQIFYj0_hc9yMwAAAY9jDEs4bxZYptTwFl_nKsl1_7ezgcz3pjrYMkcY9neQHZOhcstJj5mJLTbb
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6B65F41492184311AEF2CDF4268E4971 Ref B: FRAEDGE1506 Ref C: 2024-05-10T15:08:21Z
linkedin-action
1
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
content-type
image/gif
x-li-proto
http/2
content-length
65
x-li-uuid
AAYYGugJ/LooaqQX6d/Rnw==

Redirect headers

date
Fri, 10 May 2024 15:08:21 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 98FD6FBFA92F47C1A6DC759182309134 Ref B: FRAEDGE1308 Ref C: 2024-05-10T15:08:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect/?pid=432890&conversionId=2402852&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQIFYj0_hc9yMwAAAY9jDEs4bxZYptTwFl_nKsl1_7ezgcz3pjrYMkcY9neQHZOhcstJj5mJLTbb
x-li-proto
http/2
content-length
0
x-li-uuid
AAYYGugFuMa2sCkiKCW5bA==
0
bat.bing.com/action/ 		0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=134618848&tm=gtm002&Ver=2&mid=aa4ade35-e5e6-41a3-8bac-39014928df71&sid=2347db700edf11efbc09f79b5cfe478f&vid=2347f0500edf11ef90c42f32a7c71ed2&vids=0&msclkid=N&el=Submit%20lead%20form&gc=USD&tpp=1&ea=resource_lead&en=Y&p=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&sw=1600&sh=1200&sc=24&evt=custom&rn=868416
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 10 May 2024 15:08:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D6458293DF1F403BB28A302908064B38 Ref B: FRA31EDGE0107 Ref C: 2024-05-10T15:08:20Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
visitWebPage
327-mnm-087.mktoresp.com/webevents/ 		2 B
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://327-mnm-087.mktoresp.com/webevents/visitWebPage?_mchNc=1715353700499&_mchCn=&_mchId=327-MNM-087&_mchTk=_mch-sentinelone.com-1715353700498-85691&_mchHo=www.sentinelone.com&_mchPo=&_mchRu=%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 15:08:21 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
e01d3143-3b2c-4814-b2bb-4e334d424775
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=67fa3f31-9dae-49eb-852b-95567f5608ff&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=165cdd06-f332-44f7-8aeb-203abe6c6fcb&tw_document_href=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&tw_iframe_status=0&txn_id=nv1yw&type=javascript&version=2.3.30
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
177
date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
9cdea6e8f72c1ae9
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
bf1d8157fdbec9e1ffe4783b579e3f208e7bbab7bc3331df6ae6d4b87e08461a
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=67fa3f31-9dae-49eb-852b-95567f5608ff&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=165cdd06-f332-44f7-8aeb-203abe6c6fcb&tw_document_href=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&tw_iframe_status=0&txn_id=nv1yw&type=javascript&version=2.3.30
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
110
date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
36634baa86ba7306
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
cfdff523fe3e73af5b70858a67501ef72f399ce5649d05c4547f9203d088a2ce
content-length
43
/
c.6sc.co/ 		7 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://www.sentinelone.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/ 		23 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7f4bda5663702c386616dd479496298ac3df87f9d20911b41098e0b9776765aa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:20 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.sentinelone.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2001:1b60:2:240:3247::6
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1715353700586_34901612_84081060_22_743_19_40_219";dur=1
content-length
23
expires
Fri, 10 May 2024 15:08:20 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=3576c97e67a9b7f8553a44ff1cc54791&svisitor=null&visitor=b84e3e4f-388c-46c0-863f-191e3f6ec99d&session=032cac4a-f934-44a0-8c50-e67e3f447e4c&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A20%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20mechanics%20of%20macOS%20Cuckoo%20Stealer%2C%20discover%20extended%20indicators%20and%20ensure%20your%20organization%20remains%20protected.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&pageViewId=d26116e5-be0e-44c7-88d6-d552037ceeb2&v=1.1.20
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:20 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 May 2024 15:08:20 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=3576c97e67a9b7f8553a44ff1cc54791&svisitor=null&visitor=b84e3e4f-388c-46c0-863f-191e3f6ec99d&session=032cac4a-f934-44a0-8c50-e67e3f447e4c&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2010%20May%202024%2015%3A08%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%223576c97e67a9b7f8553a44ff1cc54791%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2010%20May%202024%2015%3A08%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2010%20May%202024%2015%3A08%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2010%20May%202024%2015%3A08%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%228ba4c5a3fa178cfadac2b61291295db2874be830%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2010%20May%202024%2015%3A08%3A20%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20mechanics%20of%20macOS%20Cuckoo%20Stealer%2C%20discover%20extended%20indicators%20and%20ensure%20your%20organization%20remains%20protected.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&pageViewId=d26116e5-be0e-44c7-88d6-d552037ceeb2&v=1.1.20
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:20 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 May 2024 15:08:20 GMT
tweet.d7aeb21a88e025d2ea5f5431a103f586.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/tweet.d7aeb21a88e025d2ea5f5431a103f586.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 15:08:20 GMT
Content-Encoding
gzip
Age
4008066
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2725
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (frb/6760)
Etag
"1836187c57e3f0873abebe6985a39f5a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
p
e.calibermind.com/v1/ 		16 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.calibermind.com/v1/p
Requested by
Host: cdn.calibermind.com
URL: https://cdn.calibermind.com/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
16
x-request-id
e2c258d7-c06b-432d-a316-5bff7bd74154
server
cloudflare
access-control-max-age
900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzLr0a%2BOo2ok8zX4Fwn92G1TE68XVpnQ9zK4iTG0HSmP0qQckvCMrffHsjczywRL9XfzMcZn%2ByoFI6KKXRVdqLJOnTXjfzF%2BAca0zS7MICDQj3dVzwkrTIbFiRginuFwqasbaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
881ad814ce7dbbd3-FRA
access-control-allow-headers
Content-Type,Authorization
priority
u=1,i
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.68.133.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-133-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2712f872a8662d4be24e5714ae1ef301eb55eec7937a5fe8510ccc30c778d0e1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Fri, 10 May 2024 15:08:20 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.68.133.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-133-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Fri, 10 May 2024 15:08:20 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
sa.jpeg
tags.srv.stackadapt.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.68.133.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-133-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Fri, 10 May 2024 15:08:20 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
rt
tags.srv.stackadapt.com/ 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.srv.stackadapt.com/rt?sid=uQM497B9yR1fPnLLwZZDtK&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&t=macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge&tip=hQBikU355ktBITsGDh9H-MYXK8szcdONBCdqTSk658E
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.68.133.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-133-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
content-length
43
content-type
image/gif
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C5427652%2C5500618&time=1715353700572&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-a...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C5427652%2C5500618&time=1715353700572&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-a...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D432890%252C5427652%252C5500618%26time%3D1715353700572%26url%3Dhttps%253A%252F%252...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C5427652%2C5500618&time=1715353700572&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-a...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C5427652%2C5500618&time=1715353700572&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-...
0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C5427652%2C5500618&time=1715353700572&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&cookiesTest=true&liSync=true&e_ipv6=AQJnmxey5ZyFigAAAY9jDEtvAHJnwYdf4BzGOOE5Wmzq4kkOJ3f9nu8Bb-pg2oYnwy8pzNlxbbYp
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E8D2818D46AF469C9BBC4F870B1FEDC4 Ref B: FRAEDGE1506 Ref C: 2024-05-10T15:08:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYYGugKDV0yfWS6D/QsCg==

Redirect headers

date
Fri, 10 May 2024 15:08:21 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: C2D1C33290754352A6907F5A4E421763 Ref B: FRAEDGE1308 Ref C: 2024-05-10T15:08:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432890%2C5427652%2C5500618&time=1715353700572&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&cookiesTest=true&liSync=true&e_ipv6=AQJnmxey5ZyFigAAAY9jDEtvAHJnwYdf4BzGOOE5Wmzq4kkOJ3f9nu8Bb-pg2oYnwy8pzNlxbbYp
x-li-proto
http/2
content-length
0
x-li-uuid
AAYYGugGjez9KbGAbN0oCQ==
/
px.ads.linkedin.com/wa/ 		0
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://www.sentinelone.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:08:20 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 1A8FE6249E844AC2A1D905FF52A9E57E Ref B: FRAEDGE1308 Ref C: 2024-05-10T15:08:20Z
linkedin-action
1
vary
Origin
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
access-control-allow-origin
https://www.sentinelone.com
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYYGuf+JhATzca3XeJc3A==
wINUGMVQyKNdKtMTH4Wt_s1.png
img.onesignal.com/permanent/43c3ad2d-0a70-4421-8189-b15392c350e5/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/43c3ad2d-0a70-4421-8189-b15392c350e5/wINUGMVQyKNdKtMTH4Wt_s1.png
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc11ae1919d2e054d5af3535739aaa85f73f873bc49253cfd54ac332fdcfd94f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Fri, 10 May 2024 15:08:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
3554
cf-polished
origSize=11143, status=vary_header_present
x-guploader-uploadid
ABPtcPrkkoEw-bgRViRBPtiyKPVRlduLTRlr56GTq95Bup5csj0Petuu7x1f5L0BNdY6a3JhTvavAUNSBw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
6492
pragma
no-cache
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Feb 2024 21:44:25 GMT
server
cloudflare
etag
"-CPLdwrW3woQDEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1708724665233138
content-type
image/png
x-goog-hash
crc32c=1QkUUA==, md5=Dj+SUoicGnX7oiG7n37+GQ==
cache-control
public, max-age=2678400
x-goog-stored-content-length
11143
accept-ranges
bytes
cf-ray
881ad814cd45365c-FRA
expires
Mon, 10 Jun 2024 15:08:20 GMT
/
www.google.de/pagead/1p-conversion/970186784/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970186784/?random=163634794&cv=11&fst=1715353700486&bg=ffffff&guid=ON&async=1&gtm=45be4580v890159661z871208095za201&gcd=13l3l3l2l1&d...
  • https://www.google.com/pagead/1p-conversion/970186784/?random=163634794&cv=11&fst=1715353700486&bg=ffffff&guid=ON&async=1&gtm=45be4580v890159661z871208095za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u...
  • https://www.google.de/pagead/1p-conversion/970186784/?random=163634794&cv=11&fst=1715353700486&bg=ffffff&guid=ON&async=1&gtm=45be4580v890159661z871208095za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/970186784/?random=163634794&cv=11&fst=1715353700486&bg=ffffff&guid=ON&async=1&gtm=45be4580v890159661z871208095za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&label=P7U6CJqLydsBEKDAz84D&hn=www.googleadservices.com&frm=0&tiba=macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge&value=0&npa=1&pscdl=noapi&auid=1779142245.1715353700&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI4rnwv66DhgMVp5ODBx1mYAm1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LnNlbnRpbmVsb25lLmNvbS8&is_vtc=1&cid=CAQSGwB7FLtqo5cACQ2vLWSjW3ve_aoXeSI6zs4s1A&eitems=ChEI8Iv3sQYQnJ36u-Ls4rfyARIdANVWnwThWTrIZXYZUKaHx4v_B84mHiOz6GKMSvY&random=2777541209&ipr=y
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H3
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/970186784/?random=163634794&cv=11&fst=1715353700486&bg=ffffff&guid=ON&async=1&gtm=45be4580v890159661z871208095za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&label=P7U6CJqLydsBEKDAz84D&hn=www.googleadservices.com&frm=0&tiba=macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge&value=0&npa=1&pscdl=noapi&auid=1779142245.1715353700&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI4rnwv66DhgMVp5ODBx1mYAm1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LnNlbnRpbmVsb25lLmNvbS8&is_vtc=1&cid=CAQSGwB7FLtqo5cACQ2vLWSjW3ve_aoXeSI6zs4s1A&eitems=ChEI8Iv3sQYQnJ36u-Ls4rfyARIdANVWnwThWTrIZXYZUKaHx4v_B84mHiOz6GKMSvY&random=2777541209&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Tweet.html
platform.twitter.com/embed/ Frame 4618 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=philofishal&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1775905587533865100&lang=en&origin=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&sessionId=e050888ac561072e4bdebadb9d94e5eb5216fc5e&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
1370
Cache-Control
public, max-age=1800
Content-Length
345
Content-Type
text/html; charset=utf-8
Date
Fri, 10 May 2024 15:08:20 GMT
Etag
"3798a7b6b197263df1b225665e92751a"
Last-Modified
Sat, 17 Feb 2024 00:56:45 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6762)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=3576c97e67a9b7f8553a44ff1cc54791&svisitor=null&visitor=b84e3e4f-388c-46c0-863f-191e3f6ec99d&session=032cac4a-f934-44a0-8c50-e67e3f447e4c&event=ipv6&q=%7B%22address%22%3A%222001%3A1b60%3A2%3A240%3A3247%3A%3A6%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20mechanics%20of%20macOS%20Cuckoo%20Stealer%2C%20discover%20extended%20indicators%20and%20ensure%20your%20organization%20remains%20protected.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&pageViewId=d26116e5-be0e-44c7-88d6-d552037ceeb2&v=1.1.20
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:20 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 May 2024 15:08:20 GMT
details
epsilon.6sense.com/v3/company/ 		769 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software
nginx /
Resource Hash
810fa2a3b55e453ecd985550d03ec94f57c492a7052f8f271e58110e8dd720eb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Token 8ba4c5a3fa178cfadac2b61291295db2874be830
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
X-6s-CustomID
WebTag1.0 3576c97e67a9b7f8553a44ff1cc54791
Referer
https://www.sentinelone.com/
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
1079880540116939387
date
Fri, 10 May 2024 15:08:20 GMT
content-encoding
gzip
server
nginx
vary
Origin, Accept-Encoding
content-type
application/json
x-6si-region
eu-central-1a
access-control-allow-origin
https://www.sentinelone.com
access-control-expose-headers
X-6si-Region
access-control-allow-credentials
true
timing-allow-origin
https://6sense.com, https://www.ssga.com
content-length
408
details
epsilon.6sense.com/v3/company/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-6s-customid
Access-Control-Request-Method
GET
Origin
https://www.sentinelone.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-6s-customid
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://www.sentinelone.com
access-control-expose-headers
X-6si-Region
access-control-max-age
1800
date
Fri, 10 May 2024 15:08:20 GMT
server
nginx
timing-allow-origin
https://6sense.com, https://www.ssga.com
x-6si-region
eu-central-1a
x-trace-id
849955081074579918
saq_pxl
tags.srv.stackadapt.com/ 		213 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=_Cv1ULrV9dssq6yGX6-Dzw&is_js=true&landing_url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&t=macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge&tip=hQBikU355ktBITsGDh9H-MYXK8szcdONBCdqTSk658E&host=https%3A%2F%2Fwww.sentinelone.com&sa_conv_data_css_value=%270-03d006f0-6b6e-5d78-6030-9f20be3ebe93%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd903d006f06b6e5d7860309f20be3ebe93d972da1d&sa-user-id-v3=s%253AAQAKIGK1mPZFpRzQnZi-ZL3bhNRlSh45chUsq9Av6HI8Wc_pEHwYBCDk8PixBjABOgS9M-cxQgSVunIJ.JBWh%252FEOXir4hDGefReGLJ5uWvtdFV4SbKcVuDLSxw7E&sa-user-id-v2=s%253AA9AG8GtuXXhgMJ8gvj6-k9ly2h0.hVl5EaxaBStsWbhgs1kfLIF8db3dmx0tpRIgoHptAhQ&sa-user-id=s%253A0-03d006f0-6b6e-5d78-6030-9f20be3ebe93.aCrjVGSAn2aUzXKTdraXKb8bW9JY%252Faga9C1DPqZMyOs
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.68.133.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-133-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8878bfedd760d2b890a0c7979d06850f45090fbcf75faa3cfae8f8787479516b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.sentinelone.com
date
Fri, 10 May 2024 15:08:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
213
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
saq_pxl
tags.srv.stackadapt.com/ 		213 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=_Cv1ULrV9dssq6yGX6-Dzw&is_js=true&landing_url=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&t=macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge&tip=hQBikU355ktBITsGDh9H-MYXK8szcdONBCdqTSk658E&host=https%3A%2F%2Fwww.sentinelone.com&sa_conv_data_Event%20Name=mkto.form.success&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd903d006f06b6e5d7860309f20be3ebe93d972da1d&sa-user-id-v3=s%253AAQAKIGK1mPZFpRzQnZi-ZL3bhNRlSh45chUsq9Av6HI8Wc_pEHwYBCDk8PixBjABOgS9M-cxQgSVunIJ.JBWh%252FEOXir4hDGefReGLJ5uWvtdFV4SbKcVuDLSxw7E&sa-user-id-v2=s%253AA9AG8GtuXXhgMJ8gvj6-k9ly2h0.hVl5EaxaBStsWbhgs1kfLIF8db3dmx0tpRIgoHptAhQ&sa-user-id=s%253A0-03d006f0-6b6e-5d78-6030-9f20be3ebe93.aCrjVGSAn2aUzXKTdraXKb8bW9JY%252Faga9C1DPqZMyOs
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.68.133.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-133-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8878bfedd760d2b890a0c7979d06850f45090fbcf75faa3cfae8f8787479516b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.sentinelone.com
date
Fri, 10 May 2024 15:08:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
213
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGGXSJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 May 2024 14:07:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3631
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 10 May 2024 16:07:49 GMT
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=589564592&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&ul=de-de&de=UTF-8&dt=macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=YADAAEABAAAAACAAI~&jid=2117068175&gjid=859032284&cid=736692733.1715353700&tid=UA-38175129-1&_gid=380394857.1715353701&_r=1&_slc=1&gtm=45He4580n71KGGXSJv71208095za200&cd1=&cd2=&cd3=&cd4=Germany&cd5=&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=796071836
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sentinelone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-38175129-1&cid=736692733.1715353700&jid=2117068175&gjid=859032284&_gid=380394857.1715353701&npa=1&_u=YADAAEAAAAAAACAAI~&z=273215931
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 10 May 2024 15:08:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sentinelone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38175129-1&cid=736692733.1715353700&jid=2117068175&npa=1&_u=YADAAEAAAAAAACAAI~&z=977662002
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38175129-1&cid=736692733.1715353700&jid=2117068175&npa=1&_u=YADAAEAAAAAAACAAI~&z=977662002
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
messenger
app.qualified.com/w/1/ZQoyHXFTqngPcfcB/ Frame D61B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.qualified.com/w/1/ZQoyHXFTqngPcfcB/messenger?uuid=d3dea20f-2d79-489b-8052-6173552768fe
Requested by
Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=ZQoyHXFTqngPcfcB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.44.154.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-154-105.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Encoding
gzip
Content-Length
1848
Content-Security-Policy
Content-Type
text/html; charset=utf-8
Date
Fri, 10 May 2024 15:08:21 GMT
Etag
W/"4664e6377a902f884003c3bc04c9f0e3"
Link
<https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
Via
1.1 spaces-router (2a9d893844a5)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
6de1fbae-70b2-1b7f-9304-711cdf47b804
X-Runtime
0.020523
X-Xss-Protection
1; mode=block
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=3576c97e67a9b7f8553a44ff1cc54791&svisitor=null&visitor=b84e3e4f-388c-46c0-863f-191e3f6ec99d&session=032cac4a-f934-44a0-8c50-e67e3f447e4c&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A20%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20mechanics%20of%20macOS%20Cuckoo%20Stealer%2C%20discover%20extended%20indicators%20and%20ensure%20your%20organization%20remains%20protected.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&pageViewId=d26116e5-be0e-44c7-88d6-d552037ceeb2&v=1.1.20
Requested by
Host: www.sentinelone.com
URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:21 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 May 2024 15:08:21 GMT
favicon.ico
de.sentinelone.com/wp-content/themes/sentinelone/assets/favicon-whyte/
Redirect Chain
  • https://www.sentinelone.com/wp-content/themes/sentinelone/assets/favicon-whyte/favicon.ico
  • https://de.sentinelone.com/wp-content/themes/sentinelone/assets/favicon-whyte/favicon.ico
15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://de.sentinelone.com/wp-content/themes/sentinelone/assets/favicon-whyte/favicon.ico
Protocol
H2
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e189b6269fc9c19343d172b50d26939bc988ba9ee4b75bd7e39268ce9926c05b
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.sentinelone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 2944, 0, 0
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 10 May 2024 15:08:22 GMT
age
717541
x-cache
MISS, HIT, MISS, MISS
expires
Thu, 24 Apr 2025 19:21:09 GMT
content-length
2131
x-served-by
cache-chi-kigq8000137-CHI, cache-fra-eddf8230128-FRA, cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
last-modified
Tue, 23 Apr 2024 10:29:12 GMT
server
nginx
x-timer
S1715353702.241126,VS0,VE6
etag
"66278d78-3aee"
vary
Accept-Encoding
content-type
image/x-icon
x-styx-req-id
a3d530e9-01a6-11ef-9796-86f17d95d70b
cache-control
max-age=31622400
accept-ranges
bytes
x-pantheon-styx-hostname
styx-fe2-b-76f6c9d98-r6rmt

Redirect headers

date
Fri, 10 May 2024 15:08:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OvMTqiFs5kxHDCp1854GaSRtf%2FDBgi729iE42OaGPjEtFcfie9HZmzSkaNUXo2nsTmBlj4D1YwoogFLl7VqI1%2F9xwoz7D5U01PU9HvqapxokKm9XMKlqxu1NmM84uHpOpEs8Ddk%3D"}],"group":"cf-nel","max_age":604800}
location
https://de.sentinelone.com/wp-content/themes/sentinelone/assets/favicon-whyte/favicon.ico
cf-ray
881ad81e5c1bbc03-FRA
content-length
0
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=3576c97e67a9b7f8553a44ff1cc54791&svisitor=null&visitor=b84e3e4f-388c-46c0-863f-191e3f6ec99d&session=032cac4a-f934-44a0-8c50-e67e3f447e4c&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A21%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20mechanics%20of%20macOS%20Cuckoo%20Stealer%2C%20discover%20extended%20indicators%20and%20ensure%20your%20organization%20remains%20protected.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&pageViewId=d26116e5-be0e-44c7-88d6-d552037ceeb2&v=1.1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:22 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 May 2024 15:08:22 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=3576c97e67a9b7f8553a44ff1cc54791&svisitor=null&visitor=b84e3e4f-388c-46c0-863f-191e3f6ec99d&session=032cac4a-f934-44a0-8c50-e67e3f447e4c&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A22%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20mechanics%20of%20macOS%20Cuckoo%20Stealer%2C%20discover%20extended%20indicators%20and%20ensure%20your%20organization%20remains%20protected.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&pageViewId=d26116e5-be0e-44c7-88d6-d552037ceeb2&v=1.1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:23 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 May 2024 15:08:23 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=3576c97e67a9b7f8553a44ff1cc54791&svisitor=null&visitor=b84e3e4f-388c-46c0-863f-191e3f6ec99d&session=032cac4a-f934-44a0-8c50-e67e3f447e4c&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A23%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%224003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20mechanics%20of%20macOS%20Cuckoo%20Stealer%2C%20discover%20extended%20indicators%20and%20ensure%20your%20organization%20remains%20protected.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&pageViewId=d26116e5-be0e-44c7-88d6-d552037ceeb2&v=1.1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 May 2024 15:08:24 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=3576c97e67a9b7f8553a44ff1cc54791&svisitor=null&visitor=b84e3e4f-388c-46c0-863f-191e3f6ec99d&session=032cac4a-f934-44a0-8c50-e67e3f447e4c&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A24%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20mechanics%20of%20macOS%20Cuckoo%20Stealer%2C%20discover%20extended%20indicators%20and%20ensure%20your%20organization%20remains%20protected.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&pageViewId=d26116e5-be0e-44c7-88d6-d552037ceeb2&v=1.1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:25 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 May 2024 15:08:25 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=3576c97e67a9b7f8553a44ff1cc54791&svisitor=null&visitor=b84e3e4f-388c-46c0-863f-191e3f6ec99d&session=032cac4a-f934-44a0-8c50-e67e3f447e4c&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A25%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20mechanics%20of%20macOS%20Cuckoo%20Stealer%2C%20discover%20extended%20indicators%20and%20ensure%20your%20organization%20remains%20protected.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&pageViewId=d26116e5-be0e-44c7-88d6-d552037ceeb2&v=1.1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 May 2024 15:08:26 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=3576c97e67a9b7f8553a44ff1cc54791&svisitor=null&visitor=b84e3e4f-388c-46c0-863f-191e3f6ec99d&session=032cac4a-f934-44a0-8c50-e67e3f447e4c&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2010%20May%202024%2015%3A08%3A26%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%227005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20mechanics%20of%20macOS%20Cuckoo%20Stealer%2C%20discover%20extended%20indicators%20and%20ensure%20your%20organization%20remains%20protected.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22macOS%20Cuckoo%20Stealer%20%7C%20Ensuring%20Detection%20and%20Defense%20as%20New%20Samples%20Rapidly%20Emerge%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&pageViewId=d26116e5-be0e-44c7-88d6-d552037ceeb2&v=1.1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.sentinelone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 15:08:27 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 May 2024 15:08:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.abrankings.com
URL
https://cdn.abrankings.com/js/client.js

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| FontFaceObserver function| $ function| jQuery object| MktoForms2 function| documentInitOneSignal function| OneSignal string| QualifiedObject function| qualified function| gtag object| dataLayer function| ClipboardJS object| lazyLoadInstance function| checkPageScroll object| anchors undefined| anchor function| LazyLoad function| WOW object| Apologetic object| Autopop object| FormGCLID object| GlobalMediaViewer object| PathFactoryUtils object| UtmLinks function| sidebarSticky object| swiper object| hljs object| MarkerAnimation function| Swiper object| TableOfContents object| AmazonPolly object| Highlighter object| Magnifier object| Tooltip object| ProgressBar object| OneTrustStub object| __twttrll object| twttr object| __twttr number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| google_tag_manager object| google_tag_data function| addCaptchaScript function| postscribe object| google_tag_manager_external function| onYouTubeIframeAPIReady object| gaGlobal object| Cookies function| hj object| _hjSettings object| freeEditElems number| len undefined| curr string| _linkedin_partner_id object| _linkedin_data_partner_ids function| qp number| abr_id function| processEpsilonData string| epsilonName boolean| enabled function| callback number| version object| _6si function| twq object| analytics function| saq function| _saq function| lintrk object| utmCampaign object| utmSource object| utmMedium object| utmContent object| utmTerm object| utmIdentifier object| expireIn object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| qevents object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| UET function| UET_init function| UET_push object| ueto_c8dcd3d89a object| uetq object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| Optanon object| OneTrust object| regexThatChecksForEmail function| calibermindCaptureSubmit function| calibermindAddFormListener number| r object| GooglebQhCsO object| MunchkinTracker object| webpackChunk_ion_builder_server object| __SEGMENT_INSPECTOR__ object| regeneratorRuntime string| res string| current_window_url_param boolean| _already_called_lintrk object| ORIBILI boolean| _storagePopulated boolean| _q_widgetInitialized string| _q_lastClientActivityAt object| saCookies string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

49 Cookies

Domain/Path Name / Value
.sentinelone.com/ Name: __cfredirector_sm
Value: DE
.go.sentinelone.com/ Name: __cf_bm
Value: brEbM_hMmu7C13rB3a_gQ_ZuV6GG0YcIkTyzs30sBdY-1715353699-1.0.1.1-Ky2yPrB_bUSfcB3cBMrzevqnJ1Fv.Lu3hBUZxboVGiMXnodyja1Wc1rsnTEDHavc95I_nRRNyu7jRQ80D0ozCQ
.onesignal.com/ Name: __cf_bm
Value: ZM7lzYFhrjek7TGrv7.DUXmH_fqmQglXMH0bewxR7Kw-1715353700-1.0.1.1-_5PzGVsfej_T6lQav.3yayccoyO0G1AwercUmYTWqkM3OgD.6GM13LSi_dp.yZaIL_Fnd6se5qfgVqL0R1iwBw
.youtube.com/ Name: YSC
Value: FYOLoktrSec
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 8jLV0OjQkoE
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgVw%3D%3D
.sentinelone.com/ Name: _ga_KJPGLC9EVP
Value: GS1.1.1715353700.1.0.1715353700.60.0.0
.sentinelone.com/ Name: _gcl_au
Value: 1.1.1779142245.1715353700
go.sentinelone.com/ Name: BIGipServerab14web-nginx-app_https
Value: !1hb9gmT1g2VE7tLagI9xdiUvaZp4gq7xQK0cny1Ir7SFK6pjfYRrQDfyDx9tJFupQaZxRNgB15sjkxY=
.sentinelone.com/ Name: _uetsid
Value: 2347db700edf11efbc09f79b5cfe478f
.sentinelone.com/ Name: _uetvid
Value: 2347f0500edf11ef90c42f32a7c71ed2
.sentinelone.com/ Name: _mkto_trk
Value: id:327-MNM-087&token:_mch-sentinelone.com-1715353700498-85691
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-03d006f0-6b6e-5d78-6030-9f20be3ebe93.aCrjVGSAn2aUzXKTdraXKb8bW9JY%2Faga9C1DPqZMyOs
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-03d006f0-6b6e-5d78-6030-9f20be3ebe93.aCrjVGSAn2aUzXKTdraXKb8bW9JY%2Faga9C1DPqZMyOs
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AA9AG8GtuXXhgMJ8gvj6-k9ly2h0.hVl5EaxaBStsWbhgs1kfLIF8db3dmx0tpRIgoHptAhQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AA9AG8GtuXXhgMJ8gvj6-k9ly2h0.hVl5EaxaBStsWbhgs1kfLIF8db3dmx0tpRIgoHptAhQ
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGK1mPZFpRzQnZi-ZL3bhNRlSh45chUsq9Av6HI8Wc_pEHwYBCDk8PixBjABOgS9M-cxQgSVunIJ.JBWh%2FEOXir4hDGefReGLJ5uWvtdFV4SbKcVuDLSxw7E
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGK1mPZFpRzQnZi-ZL3bhNRlSh45chUsq9Av6HI8Wc_pEHwYBCDk8PixBjABOgS9M-cxQgSVunIJ.JBWh%2FEOXir4hDGefReGLJ5uWvtdFV4SbKcVuDLSxw7E
.sentinelone.com/ Name: ajs_anonymous_id
Value: 824c8fb2-c9b8-4d73-b4d8-2ed4d541e826
www.sentinelone.com/ Name: _gd_visitor
Value: b84e3e4f-388c-46c0-863f-191e3f6ec99d
www.sentinelone.com/ Name: _gd_session
Value: 032cac4a-f934-44a0-8c50-e67e3f447e4c
.sentinelone.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+May+10+2024+17%3A08%3A20+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=6.23.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.sentinelone.com%2Fblog%2Fmacos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge%2F&groups=C0003%3A0%2CC0001%3A1%2CC0002%3A0%2CC0004%3A0
www.sentinelone.com/ Name: sa-user-id
Value: s%253A0-03d006f0-6b6e-5d78-6030-9f20be3ebe93.aCrjVGSAn2aUzXKTdraXKb8bW9JY%252Faga9C1DPqZMyOs
www.sentinelone.com/ Name: sa-user-id-v2
Value: s%253AA9AG8GtuXXhgMJ8gvj6-k9ly2h0.hVl5EaxaBStsWbhgs1kfLIF8db3dmx0tpRIgoHptAhQ
www.sentinelone.com/ Name: sa-user-id-v3
Value: s%253AAQAKIGK1mPZFpRzQnZi-ZL3bhNRlSh45chUsq9Av6HI8Wc_pEHwYBCDk8PixBjABOgS9M-cxQgSVunIJ.JBWh%252FEOXir4hDGefReGLJ5uWvtdFV4SbKcVuDLSxw7E
.bing.com/ Name: MUID
Value: 05073F5EF5D4667B1F502B25F478677A
.sentinelone.com/ Name: _hjSessionUser_2714452
Value: eyJpZCI6Ijc1ZmZjNWQ1LWYyMmItNTJiMy05NzZmLTlmM2M2YmMzM2RmOCIsImNyZWF0ZWQiOjE3MTUzNTM3MDA2MDMsImV4aXN0aW5nIjpmYWxzZX0=
.sentinelone.com/ Name: _hjSession_2714452
Value: eyJpZCI6ImI2OGRmMmVhLTQzNTYtNDE3OC1iMDMyLTUyOTkzZjdhNGNmNSIsImMiOjE3MTUzNTM3MDA2MDMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.twitter.com/ Name: guest_id_marketing
Value: v1%3A171535370066804600
.twitter.com/ Name: guest_id_ads
Value: v1%3A171535370066804600
.twitter.com/ Name: personalization_id
Value: "v1_3MEtk71buNC0+s1hyUSuHA=="
.twitter.com/ Name: guest_id
Value: v1%3A171535370066804600
.sentinelone.com/ Name: __q_state_ZQoyHXFTqngPcfcB
Value: eyJ1dWlkIjoiZDNkZWEyMGYtMmQ3OS00ODliLTgwNTItNjE3MzU1Mjc2OGZlIiwiY29va2llRG9tYWluIjoic2VudGluZWxvbmUuY29tIn0=
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3224:u=1:x=1:i=1715353700:t=1715440100:v=2:sig=AQGrgGOCgNcflZFEzv_jOUgLG3QbxVpg"
.t.co/ Name: muc_ads
Value: c99f84f6-cfb4-490c-bf58-18687207d9e8
.linkedin.com/ Name: li_sugr
Value: aaf5412f-0c4c-466d-9927-09c379568641
.linkedin.com/ Name: UserMatchHistory
Value: AQJW3hk2bBTQagAAAY9jDEnnnSzitrWY3ORrwLptojHV6jSydeyjzLiC7_dWnmZjkqkSkQ2BB_yOew
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLRqdZEL0Ap_AAAAY9jDEnnz6xIwazNDqyUGj5TbyVTjNp5WAahjc_MpK3rC-LNIRuLzSf4hDreKejC7JPfiw
.linkedin.com/ Name: bcookie
Value: "v=2&71e58189-3e2b-42c3-822a-8d8a23b889ec"
.sentinelone.com/ Name: _ga
Value: GA1.2.736692733.1715353700
.sentinelone.com/ Name: _gid
Value: GA1.2.380394857.1715353701
.sentinelone.com/ Name: _gat_UA-38175129-1
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: _4ypif4usqzvIJKdDUcRhFZubfV_UD9Vh2wUUr4hTzBiHn7VAengCF8MtBvEkulqnJqdbP1CZEWP30olPl8FHYJMg_Ubp9krZv2HIRAMYAo.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 1947188242503928270
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240510150821e926e190-c6fa-4b0e-8f77-4abec3ec23a9AQH10cIpA3YLJhRqFTck6EixnI-zbgFG"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTUzNTM3MDE7MjswMjElYB7rDNuGP951/v5Y0zmqHS8tYz4wf80PbQaj1ydReg==

145 Console Messages

Source Level URL
Text
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
The keyword 'push-button' used on the 'appearance' property was deprecated and has now been removed. It will no longer have any effect.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.sentinelone.com/blog/macos-cuckoo-stealer-ensuring-detection-and-defense-as-new-samples-rapidly-emerge/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none'; script-src 'unsafe-eval' https://snap.licdn.com/ https://cdn.calibermind.com/ https://a.quora.com/ https://app.cdn.lookbookhq.com/ https://connect.facebook.net/ https://ct.capterra.com/ https://ga.clearbit.com/ https://js.adsrvr.org/ https://munchkin.brightfunnel.com/ https://munchkin.marketo.net/ https://static.ads-twitter.com/ 'unsafe-inline' http://schema.org https://*.cloudfront.net/ https://*.googletagmanager.com https://a.omappapi.com/ https://analytics.twitter.com/ https://bat.bing.com/ https://cdn.abrankings.com https://cdn.abrankings.com/ https://cdn.cookielaw.org/ https://cdn.datatables.net/ https://cdn.jsdelivr.net/ https://cdn.onesignal.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://code.jquery.com/ https://collector-5527.tvsquared.com/ https://fonts.googleapis.com/ https://go.sentinelone.com/ https://googleads.g.doubleclick.net/ https://j.6sc.co/ https://js.maxmind.com/ https://js.qualified.com/ https://onesignal.com/ https://pixel-geo.prfct.co/ https://platform-api.sharethis.com/ https://platform.twitter.com/ https://pt.ispot.tv/ https://pubads.g.doubleclick.net/ https://px.spiceworks.com/ https://script.hotjar.com/ https://scripts.demandbase.com/ https://sentinelone.com https://ssl.google-analytics.com https://staging.s1preview.com/ https://static.hotjar.com/ https://tag.marinsm.com/ https://ws.qualified.com/ https://www.clickcease.com/ https://www.google-analytics.com https://www.google-analytics.com/ https://www.google.com/* https://www.googleoptimize.com/ https://www.googletagmanager.com/ https://www.googletagmanager.com/* https://www.redditstatic.com/ https://www.vantajs.com/ https://www.youtube.com/ https://yoast.com/ https://www.google.com/ https://qualified.com/ https://www.vantajs.com/ https://js.maxmind.com/ https://cdn.onesignal.com/ https://cdn.datatables.net/ https://platform-api.sharethis.com/ https://yoast.com/ https://fonts.googleapis.com/ https://cdn.datatables.net/ https://js-agent.newrelic.com/ https://www.sentinelone.com/ https://boards.greenhouse.io/ https://ajax.cloudflare.com/ https://www.googleadservices.com/ https://bam.nr-data.net/ https://cdn.linkedin.oribi.io/ https://fr.sentinelone.com/ https://it.sentinelone.com/ https://jp.sentinelone.com/ https://de.sentinelone.com/ https://it.sentinelone.com/ https://es.sentinelone.com/ https://nl.sentinelone.com/ https://kr.sentinelone.com/ https://www.google.it/ https://www.google.co.jp/ https://www.google.de/ https://ar.sentinelone.com/ https://www.google.es/ https://www.google.fr/ https://www.google.nl/ https://sonix.ai https://bam.nr-data.net/ https://docs.google.com/ https://apis.google.com/js/api.js/ https://accounts.google.com/ https://*.googleapis.com *.google.com https://*.gstatic.com https://sheets.googleapis.com/ https://tags.srv.stackadapt.com/events.js https://js.storylane.io/ https://qvdt3feo.com/ https://javascript.heeet.io/ https://api.brightfunnel.com https://a23gjzphzj.execute-api.us-east-1.amazonaws.com/ https://geolocation.onetrust.com/ https://js-agent.newrelic.com/ https://www.gstatic.com/; frame-ancestors 'self' http://sentinelone.lookbookhq.com https://sentinelone.lookbookhq.com http://sentinelone.pathfactory.com https://sentinelone.pathfactory.com http://assets.sentinelone.com https://assets.sentinelone.com https://app.scalyr.com https://app.eu.scalyr.com localhost https://a23gjzphzj.execute-api.us-east-1.amazonaws.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13115870.fls.doubleclick.net
327-mnm-087.mktoresp.com
a.quora.com
ajax.googleapis.com
analytics.twitter.com
app.qualified.com
attr.ml-api.io
b.6sc.co
bat.bing.com
c.6sc.co
cdn.abrankings.com
cdn.calibermind.com
cdn.cookielaw.org
cdn.onesignal.com
de.sentinelone.com
e.calibermind.com
epsilon.6sense.com
geolocation.onetrust.com
go.sentinelone.com
googleads.g.doubleclick.net
img.onesignal.com
ipv6.6sc.co
j.6sc.co
js.qualified.com
munchkin.marketo.net
onesignal.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.analytics.google.com
s.ml-attr.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tags.srv.stackadapt.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.sentinelone.com
www.youtube.com
cdn.abrankings.com
104.17.111.223
104.17.71.206
104.244.42.5
104.244.42.67
13.107.42.14
13.248.142.121
142.250.181.226
142.250.184.194
142.250.184.198
142.250.185.164
146.75.120.157
162.159.152.17
172.217.16.195
172.67.213.149
172.67.74.101
18.66.192.117
185.89.210.82
192.28.144.124
2001:4860:4802:34::36
23.197.137.224
2600:9000:26db:7200:5:7a81:86c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:4400::ac40:9b77
2606:4700::6812:1105
2606:4700::6813:b134
2620:12a:8000::2
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:803::200a
2a00:1450:4001:803::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c04::9c
2a02:26f0:780::210:a42b
2a02:26f0:ab00::214:8e70
3.68.133.236
52.44.154.105
52.72.112.67
54.230.228.76
68.67.153.60
95.101.111.184
0022acc76fcc28bdad41e61fb778b07358511fd18c0efdb7bdd0be8ccee25c2f
04961ad8b8691ebfb253f2ba8895f496caf100e6b4824dd1cb74a7adc3132c7d
07cd8a0ea2b5b9fa0845c4f3a17ba1c634b7404c92f8c18012a8d933f59f26a2
08d80a196fd16e446bb1d5c7e94adf0b719406286686ab3606e0e49a1dc122d9
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
181fa10be49f875d78816391e202c05f90be6b0d5597edc25f524b1183e434e6
19661b2f8ca108e51a5adafd6d4658cc410934e96162dbe5c41e80d1892606d8
1b4ba7b003f9bb746a13fb8a96dc7a3120d0cea2ec46c6875d9f4ef1522fc1a3
1c483a1caf094b8e3a922a5773e342df31d68ef351f6b35af4bbac9dd0aefcdd
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2444b597dd4b430d0bd2c3c2813a4d4f73170653dd61ef8fe0d135f79a8364a2
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2712f872a8662d4be24e5714ae1ef301eb55eec7937a5fe8510ccc30c778d0e1
2b7f9e41f489447409cbfa2d1baac1ed34bc4210077fae833b005ec9d783da4d
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
3b9aad1643b44724cfca115231c3eff0adb5db9b5359ca4115543ff9de8956d5
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
49f1fe168324ed0f76fbbab536b991c992296cd48da5ce9dd8bc8ea55e2ef946
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d1f93cda14403c94609665f70d444549da2b4971c55a155cd74de0a230e3404
516cbc569d4e8f15ac7917f186a911d85fd0aaca2d0ca074a6583e95486af856
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5466092ef0deb16007dc2e8e61eb345b380ab6663bd3ef41808ffb7360abd61a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d2f840623ce5564e4a10f2716abf7d80227a6ce864da1f9cb73a732453ab75
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db
5b5491383bd689decc7da9e2ed4d6fee3ea6507572f4cf9e6ffa15e1a648847a
64d117a5cdaf7b8aa3bc5ff1abeec0e1d98b834782d49f34260c4e1ecc7ec4c2
67418e79f1c8689e34cd9c68f1d5300f627d85e59c22d70abf8cde80b02067b9
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6a22634f79988e2d27b3207f1b854001e840bc838901e419afcc287873f0cf4d
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
6e0632b1fdeb4f6c1e8e4eb0b385a974c34758957dfab422cfbdd5b62bfc53df
700c8bd73d93522ca53cdc35e2a71e96caf7c344bc7a8391f3af90c10b917033
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
758b336b8291c58c944b1d40afd4469609c946ac427f33baac4ea0d5c2ed6fdd
758f280e266e032691b3ddd5126fc6a0a5256199028f71ddc40a7c211684aaa9
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
7f4bda5663702c386616dd479496298ac3df87f9d20911b41098e0b9776765aa
810fa2a3b55e453ecd985550d03ec94f57c492a7052f8f271e58110e8dd720eb
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
866b0dff742f52c8ce72fb6793882fdc9cc16fa9dca416168e8ee33acac4199d
872a3503128739331021f36e3b4a8fc58ec8503fe67be7c08549be5c64aa7bd4
8878bfedd760d2b890a0c7979d06850f45090fbcf75faa3cfae8f8787479516b
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
96813316bbd0571b81a311f40a331ee85707f1f7b78354644a884aa87dfc28bb
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
9a1ab475b178c0f9d80a60367ad77a53ba2e5692fdd4ecac47b999f60b1b4042
9ef29a38f1b923a09e72755a34d0539533546027b7a3dfd534424560619e45b0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a6bfc62c8e653fb944b2a6937d2822241c304fa49bbe90ede334a582385f47e1
aac979264878167cd10ce8857a4592ad740228df806af563b8ecb30c143be0c0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b15f8a133a7adb5cc03798e9343844e2538879f9915e18353c05ef7b112317bb
b2eb2453a3c24a22b40fcf68f171640c9ef53196308130199c9d4f2c1b2ab6cd
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59
b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8
c30dc39ff7449779c568ff4e90c170f01eae00486dc5b5e6595656d0c517439a
c3a2f8ef206c54e505719cbdfe2f7c5732d80d4e01ab277b2f869acb3d062497
c4f218c257c82336bf1cb04a93e22a83077bd037a3e1c2328f191bf3b1c0b62d
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca7d5a19dfabdad67ba04b94aa9ddc33949f2a48c0c129dd7eeb279a1b0d9a2f
cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c
d0647d8975d5c92ea700e635befca523c5aac18754b8454d954909fe070e68cc
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e189b6269fc9c19343d172b50d26939bc988ba9ee4b75bd7e39268ce9926c05b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f698755ba159787b6d5cdbb49a282aabcf10e099b041f861983d27ac57466e
eb6c2bc580b14f87667a93f96cc7644b5c69e70087ae9b7a38fc9ea239d35cc2
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ec0fbc4c961bfe24455c67ed51cd4ccd360036df80bb467d0d1814a118a9229b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f784bdae89887d6c9a1d2452ca83d2444ff4d4a12a1a2484ab2ff6b370912408
f849b77f042b8b076bfed5acabcf703274242c8ec9eb10ffba9115ba9a18018a
fb3f94fbcdc05ae7c03ee8e9abc85d95bd0730e7a58387a58bc700afb6a7eacd
fc11ae1919d2e054d5af3535739aaa85f73f873bc49253cfd54ac332fdcfd94f
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a