www.sygnia.co Open in urlscan Pro
141.193.213.10  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1718851236786&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tm=gtmv2 HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1718851236786&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tm=gtmv2&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4003889%26time%3D1718851236786%26url%3Dhttps%253A%252F%252Fwww.sygnia.co%252Fblog%252Fchina-nexus-threat-group-velvet-ant%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1718851236786&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1718851236786&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJrWOBOYjH3MQAAAZAzhHXiUNUHJmhrAEd72B-EcUijg75_hZO3EM-otX072IQMY66gQA

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
32 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/	268 KB 37 KB	504ms 476ms	Document text/html	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / WP Engine Resource Hash b126387f655df783fde23202f818a13946042e439fad439a1ba1f8f17cbf17e4 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=600, must-revalidate cf-cache-status DYNAMIC cf-ray 8968651fe8943438-NRT content-encoding br content-type text/html; charset=UTF-8 date Thu, 20 Jun 2024 02:40:36 GMT link <https://www.sygnia.co/wp-json/>; rel="https://api.w.org/" <https://www.sygnia.co/wp-json/wp/v2/posts/3313>; rel="alternate"; type="application/json" <https://www.sygnia.co/?p=3313>; rel=shortlink server cloudflare vary Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie x-cache HIT: 15 x-cache-group normal x-cacheable SHORT x-powered-by WP Engine
GET H2	200	style.min.css sygnia.b-cdn.net/wp-includes/css/dist/block-library/	111 KB 16 KB	18ms 2ms	Stylesheet text/css	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-includes/css/dist/block-library/style.min.css?ver=0a0d0997e3f8080a81b66a80d65e3dc1 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status MISS cdn-edgestorageid 1194 cdn-cachedat 05/22/2024 07:46:27 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 16:10:13 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664cc765-1bae5" vary Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid c93803e49f1c6c6ccb82039f1b7aedec cf-ray 887b314a1ed08aa2-NRT cdn-requestcountrycode JP access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	style.css sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/	7 KB 3 KB	17ms 1ms	Stylesheet text/css	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/style.css?ver=1718618133 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash 4068ecd121480d5fb546c1974025488ad7657c731f383807e51d7e22a0ae4a03 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status MISS cdn-edgestorageid 990 cdn-cachedat 05/22/2024 02:08:11 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 16:13:50 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664cc83e-1b26" vary Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 8a3d07addb7da7618314c949bde9dd85 cf-ray 887941c68b6e8a96-NRT cdn-requestcountrycode JP access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	start.css sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/	32 KB 7 KB	17ms 2ms	Stylesheet text/css	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/start.css?ver=1718618133 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash e0f8484362935eb3c7724c5a551611b89f0d22a6c209f4f020fa3e66d1766a81 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status MISS cdn-edgestorageid 1061 cdn-cachedat 05/22/2024 02:08:11 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 16:13:50 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664cc83e-7f2c" vary Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 4987c1f458c90ad4667d33665389e4a9 cf-ray 887941c53fe4e07a-NRT cdn-requestcountrycode JP access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	vendor.css sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/	79 KB 14 KB	18ms 3ms	Stylesheet text/css	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/vendor.css?ver=1718618133 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash beb3d3261844647f8ad40783030656786f17ac89edcdf556f2e232bc6ac5656e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status MISS cdn-edgestorageid 1150 cdn-cachedat 05/22/2024 02:08:11 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 16:13:50 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664cc83e-13a7a" vary Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 46fba10ae6add56df62b164a357d7c78 cf-ray 887941c539727365-NRT cdn-requestcountrycode JP access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	main.css sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/	387 KB 52 KB	19ms 4ms	Stylesheet text/css	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash 5ef1ec86440bd5517d008284eec6c36b8283deda9793276bbf464438f7904cb9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status MISS cdn-edgestorageid 1188 cdn-cachedat 05/22/2024 02:08:11 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 16:13:50 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664cc83e-60b63" vary Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 71cef3e5153740d3cdbdebe72e37b047 cf-ray 887941c53df1807d-NRT cdn-requestcountrycode JP access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response sygnia.b-cdn.net/wp-includes/js/jquery/	86 KB 31 KB	3ms 1ms	Script application/javascript	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1150 age 6456 cdn-cachedat 05/22/2024 02:08:11 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 16:10:12 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664cc764-15601" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 643cdba2301e28e0baf9f3e5fe95f71b cf-ray 887941c90ea31f1f-NRT cdn-requestcountrycode JP cdn-status 200 cdn-requestpullsuccess True
GET H2	200	jquery-migrate.min.js Show response sygnia.b-cdn.net/wp-includes/js/jquery/	13 KB 5 KB	2ms 2ms	Script application/javascript	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1185 age 6456 cdn-cachedat 05/22/2024 02:08:11 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 16:10:12 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664cc764-3509" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid f4f905ed08d0af8b83031141b78a55c6 cf-ray 887941c95a211f33-NRT cdn-requestcountrycode JP cdn-status 200 cdn-requestpullsuccess True
GET H3	200	v2.js Show response js.hsforms.net/forms/embed/	482 KB 156 KB	42ms 21ms	Script application/javascript	104.18.141.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/embed/v2.js Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding gzip age 494 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5387/bundles/project-v2.js&cfRay=89685914cfdd1ec0-NRT x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"56164b8f5dbcf6e65e555e48d5d6176a" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset forms-embed/static-1.5387/bundles/project-v2.js date Thu, 20 Jun 2024 02:40:36 GMT x-amz-version-id mnlqbpb.vUvH_hPLxl7NeOxIrfIBia92 x-content-type-options nosniff cf-cache-status HIT via 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront) nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id e3dbb460-6df3-4f19-afe6-a9f96596e049 x-cache Hit from cloudfront cache-tag staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id e3dbb460-6df3-4f19-afe6-a9f96596e049 last-modified Thu, 06 Jun 2024 13:36:59 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b0HIrWu0jkoW1lEUu41uY5YU8tS%2F4a%2FctJGaoEeNrITqZqr7Uf3CwRUqUZ3wVAVgbESVkn41QF2WKtNTM63fKoYmIOvYUazV6Cj4AJcH7xR0Ea6ew10e7N9XgcoNNy%2BS"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-qbnbs cf-ray 896865230b8d264e-NRT x-amz-cf-id 2cKlKMVnNRRUJsjDyD1Z_4otn4rF0BtRxbkf_8fXtVn65WtDp_liDg==
GET H2	200	8776530.js Show response js.hs-scripts.com/	2 KB 1 KB	241ms 219ms	Script application/javascript	2606:4700::6810:8cd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/8776530.js Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce815cb526ec5900d8a53b81bf753dd20a2762a8aed5b230f4544f6253085080 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 294ec9e0-fc93-4b2e-81ab-359308e6c516 x-envoy-upstream-service-time 17 content-length 635 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 294ec9e0-fc93-4b2e-81ab-359308e6c516 last-modified Thu, 20 Jun 2024 02:36:55 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.sygnia.co x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-d7kd4 access-control-allow-credentials true cache-control public, max-age=90 accept-ranges bytes cf-ray 896865239c10e384-NRT expires Thu, 20 Jun 2024 02:42:06 GMT
GET H3	200	main_logo.svg www.sygnia.co/wp-content/uploads/2024/01/	2 KB 1 KB	13ms 13ms	Image image/svg+xml	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/uploads/2024/01/main_logo.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6d635cb5df71d3b41ecf01e08f469d63957b1f4eaa39944e9787e0a267ae22c9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT last-modified Mon, 17 Jun 2024 09:50:45 GMT server cloudflare age 230787 etag W/"667006f5-6c1" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 89686522ec223438-NRT alt-svc h3=":443"; ma=86400
GET H3	200	icon_info.svg www.sygnia.co/wp-content/uploads/2024/01/	274 B 403 B	26ms 19ms	Image image/svg+xml	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/uploads/2024/01/icon_info.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 482bfcc25fc36b5ca7cfdbb76380da0a6df7000a0c238edfaa82b1dfaa0d8526 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT last-modified Mon, 17 Jun 2024 09:50:45 GMT server cloudflare age 1442 etag W/"667006f5-112" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 896865239cee3438-NRT alt-svc h3=":443"; ma=86400
GET H3	200	share_item_facebook.svg www.sygnia.co/wp-content/themes/sygnia-theme/images/	284 B 435 B	27ms 20ms	Image image/svg+xml	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/themes/sygnia-theme/images/share_item_facebook.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash ab45f33a794552f8e14ae66eaf6af4ba0bd9f1cc02896012ff4968fad5a9713b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT last-modified Mon, 17 Jun 2024 09:50:45 GMT server cloudflare age 224928 etag W/"667006f5-11c" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 896865239cf13438-NRT alt-svc h3=":443"; ma=86400
GET H3	200	share_item_x.svg www.sygnia.co/wp-content/themes/sygnia-theme/images/	321 B 452 B	30ms 23ms	Image image/svg+xml	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/themes/sygnia-theme/images/share_item_x.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 5bf0b35b5dce9e77690dafd5e5ea233b31e02101cc6a73f5d0416ac114792e35 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT last-modified Mon, 17 Jun 2024 09:50:45 GMT server cloudflare age 11406 etag W/"667006f5-141" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 896865239cf43438-NRT alt-svc h3=":443"; ma=86400
GET H3	200	share_item_linkedin.svg www.sygnia.co/wp-content/themes/sygnia-theme/images/	516 B 541 B	24ms 18ms	Image image/svg+xml	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/themes/sygnia-theme/images/share_item_linkedin.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 88934ea7e6d53babd8bae2f0d386a9a8f40104b1fdd9c52e7a62cfe15bb47b63 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT last-modified Mon, 17 Jun 2024 09:50:45 GMT server cloudflare age 224927 etag W/"667006f5-204" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 896865239cf53438-NRT alt-svc h3=":443"; ma=86400
GET H3	200	share_item_mail.svg www.sygnia.co/wp-content/themes/sygnia-theme/images/	319 B 439 B	27ms 21ms	Image image/svg+xml	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/themes/sygnia-theme/images/share_item_mail.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash da53520a115493051abcf091908a7515afea76d2c9a707a0493f2021cafd20a3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT last-modified Mon, 17 Jun 2024 09:50:45 GMT server cloudflare age 224927 etag W/"667006f5-13f" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 896865239cf83438-NRT alt-svc h3=":443"; ma=86400
GET H3	200	article_card_lines_decor.svg www.sygnia.co/wp-content/themes/sygnia-theme/images/	5 KB 902 B	17ms 16ms	Image image/svg+xml	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/themes/sygnia-theme/images/article_card_lines_decor.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 03f49a978258eb1f89518f68f6ece0bdf3dde0344349569ee8817b36e7189876 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT last-modified Mon, 17 Jun 2024 09:50:45 GMT server cloudflare age 224928 etag W/"667006f5-12a6" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 896865232c733438-NRT alt-svc h3=":443"; ma=86400
GET H3	200	social_linkedin_white.svg www.sygnia.co/wp-content/uploads/2024/05/	530 B 550 B	28ms 22ms	Image image/svg+xml	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/uploads/2024/05/social_linkedin_white.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash fb6783e593b49bb9261e7639dea5b37b3bbe225c4b3827310940ce752b3b6add Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT last-modified Mon, 17 Jun 2024 09:50:41 GMT server cloudflare age 230786 etag W/"667006f1-212" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 896865239cf93438-NRT alt-svc h3=":443"; ma=86400
GET H3	200	social_x_white.svg www.sygnia.co/wp-content/uploads/2024/05/	346 B 466 B	23ms 17ms	Image image/svg+xml	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/uploads/2024/05/social_x_white.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 60951d4152b680cf26897b16cf061939b15b33e76066bdaea8a8398703ee5d19 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT last-modified Mon, 17 Jun 2024 09:50:41 GMT server cloudflare age 230786 etag W/"667006f1-15a" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 896865239cfa3438-NRT alt-svc h3=":443"; ma=86400
GET H2	200	jquery.selectric.min.js Show response sygnia.b-cdn.net/wp-content/themes/sygnia-theme/scripts/	14 KB 5 KB	8ms 0ms	Script application/javascript	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/scripts/jquery.selectric.min.js?ver=1.0.90 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash 570131c06e2b9e41ab9917ab39ecb6bbb063c2433abbaff89ea3335c7bd7d5ee Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1149 age 6455 cdn-cachedat 05/22/2024 02:08:11 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 16:10:20 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664cc76c-384b" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 2f86085113d612fc5955627b50136d0a cf-ray 887941ca9839e39b-NRT cdn-requestcountrycode JP cdn-status 200 cdn-requestpullsuccess True
GET H2	200	jquery.mCustomScrollbar.concat.min.js Show response sygnia.b-cdn.net/wp-content/themes/sygnia-theme/scripts/	39 KB 12 KB	8ms 1ms	Script application/javascript	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/scripts/jquery.mCustomScrollbar.concat.min.js?ver=1.0.90 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash 3ac859f905d1e38eed93ebb76953499f9078693adfeb41668915a47e4acebb1e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 990 age 6455 cdn-cachedat 05/22/2024 02:08:11 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 16:10:20 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664cc76c-9cae" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid acb6cef31f9192e4a8f00976d0a6411c cf-ray 887941ca7fb08a96-NRT cdn-requestcountrycode JP cdn-status 200 cdn-requestpullsuccess True
GET H2	200	lazyload.min.js Show response sygnia.b-cdn.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/	9 KB 4 KB	8ms 1ms	Script application/javascript	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1193 age 6455 cdn-cachedat 05/22/2024 02:08:11 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 16:10:21 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664cc76d-22bc" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 1f22eba782ce34ca18040c9e4b5f9ca7 cf-ray 887941ca980d25ea-NRT cdn-requestcountrycode JP cdn-status 200 cdn-requestpullsuccess True
GET H2	200	js Show response www.googletagmanager.com/gtag/	331 KB 107 KB	119ms 58ms	Script application/javascript	2404:6800:400a:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-3XBPCMRFD6 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0e4e43aa0f0111e9a03a8ed797c9143e0c30813ac51e294924e76e075ef6da65 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 109652 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 20 Jun 2024 02:40:36 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	334 KB 108 KB	128ms 68ms	Script application/javascript	2404:6800:400a:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash edf9099ef36c4a03d689906c4eebb18ab2ed778e074ae3a6b720395b09d066c5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110599 x-xss-protection 0 last-modified Thu, 20 Jun 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 20 Jun 2024 02:40:36 GMT
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash acfaaf62bff0119246c65258ed4eddfff3758441c562b3726627e377d6939118 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 50410fbc6131cebfceefaa33c1c9e04417e2a1f022a13dbb23486a39b3ad23e1 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 20b45d5bce36aad5a15e7764f5e2fb5375e9402bfc1982c121b499335805ca8e Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7ee5c739681588a99eef62fe74b53f6f7951b494df59469bc806199a2c36b8cd Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 13420e2ab328e317e36049945692f0350cc1740f32059f7e891784e97190877c Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 440f605d063e19f1e06baeb6a34d17963626c11c4b3e6c377908e45c4e5238ed Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1c5d931117615c91d0f3f4b65ec87c68647a30a358dddfe5d6ab46f4b0bac939 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9466705eb27c2bd68a0ad061508b1c064ea7307079c4f497a7c6a152715933e8 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fcef787036dbfef77ad9a0303a91850376867e85d1de02d4200026db785a6988 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 36eff6bf944482ce474b49e5245507f65edf49455fda377c762d09b639fe62a6 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4cd44939e2a40d2edf57d2c2c5fad51d26aecddbb2a14cbf288ebea6cfeecfc5 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0d4d3a229240ee2f7f12e1286b6f7759df6228f1942d1b3debda6349ef1f90fc Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0fc0b91f46e1c00dd3bc09f13bda3ba51f0887c1d607f024a03e9a51e79e8c74 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 59aae364c9b619b7493674b87d266f058349bf4c6ac8ae78c90c3b192b8e5177 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d540e7278f54d50e5b78445c8f31034e81d1a3abe4ab98cf23f31cfb9babf670 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fe175078011d8981c15d5be839df9fccb7c4d8640bb6d9e495cd23d6e5e32cb3 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c5580d46d80a0fc3b81e22b5f7c82a42435c04d5b7817586034145a22798c44c Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 393dbca9f5658eaf4859e39a8ee1fc05b1e0f653a8ae92db8ff50e5c234eab0a Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 39c5b9da29291f6b37c7e9428f2de883301f85f5e9cbfce66712875fb7c45d7a Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	253 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8746996314732452443328c9005778a65f59fb3ce23886256f4ce5cc826f36cf Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	685 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6363e009d5233d3a07b75315cea4838f87d86cedef07bc9e7b2fe80b4b6707f3 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	248 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a6d94bba3091f01e612c8a679efbb3eb688b7d20da216fa254a92cecd6572865 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	250 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 04ecc921a16e8836f1479f6b04e16114c1273410eda3be11428581d344afbfdd Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	article_card_lines_decor_huge.svg sygnia.b-cdn.net/wp-content/themes/sygnia-theme/images/	5 KB 1 KB	3ms 3ms	Image image/svg+xml	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/images/article_card_lines_decor_huge.svg Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash b9859c9773072556f0e8de582865e66fc2ee3a01853385e9b44c3e3a1fa652ef Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br cf-cache-status MISS cdn-edgestorageid 1097 cdn-cachedat 05/22/2024 07:46:28 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 16:10:20 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664cc76c-1268" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 04b2f77da9ab3caebc4672d124b57845 cf-ray 887b314d7d59af82-NRT cdn-requestcountrycode JP cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ATFFranklinGothic-Medium.otf sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/	97 KB 98 KB	6ms 2ms	Font application/octet-stream	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/ATFFranklinGothic-Medium.otf Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash 5d47d588556711a601728fc8a6d02c6b4fe8069210b411d2408359fee9a2ed6f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Origin https://www.sygnia.co Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT cf-cache-status HIT cdn-edgestorageid 1188 age 6456 cdn-cachedat 05/22/2024 02:08:12 cdn-pullzone 2091526 alt-svc h3=":443" content-length 99492 last-modified Tue, 21 May 2024 16:10:20 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "664cc76c-184a4" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 38a84dff50bbe0f3f9b4eb2f89de469d accept-ranges bytes cf-ray 887941ce8840806f-NRT cdn-requestcountrycode JP cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ATFAlternateGothic-Medium.otf sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/	132 KB 133 KB	9ms 5ms	Font application/octet-stream	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/ATFAlternateGothic-Medium.otf Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash 7d3d1b5a7db60fd338b0765356fd2813d0d6d9600639845d645c49e2c61e5bf8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Origin https://www.sygnia.co Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT cf-cache-status HIT cdn-edgestorageid 1188 age 6456 cdn-cachedat 05/22/2024 02:08:12 cdn-pullzone 2091526 alt-svc h3=":443" content-length 135264 last-modified Tue, 21 May 2024 16:10:21 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "664cc76d-21060" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 50ee61f918e353e315c3b6b5f7d8ed70 accept-ranges bytes cf-ray 887941ce7df6807d-NRT cdn-requestcountrycode JP cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ATFFranklinGothic-Regular.otf sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/	94 KB 94 KB	6ms 2ms	Font application/octet-stream	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/ATFFranklinGothic-Regular.otf Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash d893fa560a64242185cfccd40f02e2267432daab306ca89dc8e4176b62d9cf3d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Origin https://www.sygnia.co Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT cf-cache-status HIT cdn-edgestorageid 1188 age 6456 cdn-cachedat 05/22/2024 02:08:12 cdn-pullzone 2091526 alt-svc h3=":443" content-length 96116 last-modified Tue, 21 May 2024 16:10:20 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "664cc76c-17774" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 9377b7d5775ebe6702b012731e8580f7 accept-ranges bytes cf-ray 887941ce8cbc3c1a-NRT cdn-requestcountrycode JP cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ATFFranklinGothic-Light.otf sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/	94 KB 94 KB	9ms 6ms	Font application/octet-stream	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/ATFFranklinGothic-Light.otf Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash 6db159af02a213a7d4058f5ffe508392ca8d46478f1ded5a446ef9a0226fe52f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Origin https://www.sygnia.co Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT cf-cache-status HIT cdn-edgestorageid 1098 age 6456 cdn-cachedat 05/22/2024 02:08:12 cdn-pullzone 2091526 alt-svc h3=":443" content-length 96140 last-modified Tue, 21 May 2024 16:10:20 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "664cc76c-1778c" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 23b235d606204b871c948f5a9fda4cee accept-ranges bytes cf-ray 887941ce9ebdaf82-NRT cdn-requestcountrycode JP cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ATFFranklinGothic-Heavy.otf sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/	102 KB 103 KB	9ms 6ms	Font application/octet-stream	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/ATFFranklinGothic-Heavy.otf Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash cc2b240009df1ede0c3884229e7e7d14a04752dca62910c215f871188b1c91f0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Origin https://www.sygnia.co Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT cf-cache-status HIT cdn-edgestorageid 1188 age 6456 cdn-cachedat 05/22/2024 02:08:12 cdn-pullzone 2091526 alt-svc h3=":443" content-length 104484 last-modified Tue, 21 May 2024 16:10:20 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "664cc76c-19824" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid bae70670bf7ad3923793a5dd0276f8f8 accept-ranges bytes cf-ray 887941ce898fe04f-NRT cdn-requestcountrycode JP cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ATFFranklinGothic-Bold.otf sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/	100 KB 100 KB	8ms 5ms	Font application/octet-stream	2400:52e0:1501::1066:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/ATFFranklinGothic-Bold.otf Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1501::1066:1 , Japan, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-JP1-1066 / Resource Hash 9d205ce526929a67b4b7f36717fd842e28b560d1837d46a552a55988f13fe898 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1718618133 Origin https://www.sygnia.co Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT cf-cache-status MISS cdn-edgestorageid 1064 cdn-cachedat 05/22/2024 02:08:13 cdn-pullzone 2091526 alt-svc h3=":443" content-length 102192 last-modified Tue, 21 May 2024 16:10:21 GMT server BunnyCDN-JP1-1066 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "664cc76d-18f30" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid ffc3ce78d5c1d9516465bb4b288e833d accept-ranges bytes cf-ray 887941ce9b543414-NRT cdn-requestcountrycode JP cdn-status 200 cdn-requestpullsuccess True
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7aa22f1345830677872990b5c195b73f0c11cb69ec8d50481fb5f51a486775dc Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 23af52792bbf8dbb7290f297ff42ba6c1ced9c38072b1b71aaef087351596743 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ba9362bb0507b75f49c317210043a33ab2eccf279aae9dd99315328c936cbf2c Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	64 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	250 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash aefdd073a5a00a2b6959db7818278d0fdef8f0ef5d65312542de0d5bd32ca0f7 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	250 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7ea5fb260d4b5370cf7050e2e921c6a1bd6117d4ae54058649b803177fb6bcd9 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	255 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65f8b1c674f201983d6930f4670a451f2677db1f2352921ea3ec16d2a00c5d7e Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	243 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0c9d2afbb789c07d465dddd42752f23d3c74c414f2baa27bc5193bbfdd6f6596 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	jquery.mousewheel.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/	3 KB 2 KB	21ms 11ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1147859 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1046 last-modified Mon, 04 May 2020 16:11:46 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec2-ad3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E7CY98GoxmNaFrCJjvRM5m7wWgGoTaNQ3JDJM1ziLwmd3uJNYUX1z4UTaIZkxbCSxDJlNxEQJn7mDzy5RgtqmHFgWTo46QVf2GhQd6vpP19lPV68V1GwFSSoirc37hfkLVCjXot5"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 89686524ec682617-NRT expires Tue, 10 Jun 2025 02:40:36 GMT
GET H3	200	json Show response forms.hsforms.com/embed/v3/form/8776530/1ad9c304-415a-4d9d-ba10-a5145c1db1c3/	2 KB 2 KB	559ms 542ms	XHR application/json	104.18.80.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hsforms.com/embed/v3/form/8776530/1ad9c304-415a-4d9d-ba10-a5145c1db1c3/json?hs_static_app=forms-embed&hs_static_app_version=1.5387&X-HubSpot-Static-App-Info=forms-embed-1.5387 Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/embed/v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba70294cbe54520d748adff5e33db6ed10570dcad5e8cc39e1f9478360e8b65b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/json, text/plain, */* Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-origin-hublet na1 date Thu, 20 Jun 2024 02:40:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id d153a71b-e5f3-44a9-a288-5e22a0c17807 x-envoy-upstream-service-time 11 alt-svc h3=":443"; ma=86400 content-length 1129 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id d153a71b-e5f3-44a9-a288-5e22a0c17807 server cloudflare vary origin access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://www.sygnia.co x-evy-trace-virtual-host all access-control-expose-headers X-Origin-Hublet access-control-max-age 180 access-control-allow-credentials false cache-control max-age=0, no-cache, no-store x-robots-tag none access-control-allow-headers * cf-ray 89686524fbaf8077-NRT x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-cgx6f
GET H3	200	json Show response forms.hsforms.com/embed/v3/form/8776530/1ad9c304-415a-4d9d-ba10-a5145c1db1c3/	2 KB 2 KB	757ms 200ms	XHR application/json	104.18.80.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hsforms.com/embed/v3/form/8776530/1ad9c304-415a-4d9d-ba10-a5145c1db1c3/json?hs_static_app=forms-embed&hs_static_app_version=1.5387&X-HubSpot-Static-App-Info=forms-embed-1.5387 Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/embed/v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40e3bb7f23967a391e4a4febcc87985165dff09471ed6350c3ecbf000c3ad314 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/json, text/plain, */* Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-origin-hublet na1 date Thu, 20 Jun 2024 02:40:37 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 86468595-5553-4498-b25a-1fa7153c7cea x-envoy-upstream-service-time 10 alt-svc h3=":443"; ma=86400 content-length 1129 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 86468595-5553-4498-b25a-1fa7153c7cea server cloudflare vary origin access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://www.sygnia.co x-evy-trace-virtual-host all access-control-expose-headers X-Origin-Hublet access-control-max-age 180 access-control-allow-credentials false cache-control max-age=0, no-cache, no-store x-robots-tag none access-control-allow-headers * cf-ray 8968652859e78077-NRT x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-4xq5s
GET H3	200	Malware-2.png.webp www.sygnia.co/wp-content/uploads/2024/06/	117 KB 118 KB	20ms 20ms	Image image/webp	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/uploads/2024/06/Malware-2.png.webp Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash c8d40e0175b81f1c7aaccd9bef47170e06cf8ab80af2879782f130a0e3206363 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT cf-cache-status HIT last-modified Mon, 17 Jun 2024 11:06:18 GMT server cloudflare age 201 etag "667018aa-1d552" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 896865251e883438-NRT alt-svc h3=":443"; ma=86400 content-length 120146
POST H2	204	collect analytics.google.com/g/	0 0	122ms 49ms	Fetch text/plain	2404:6800:400a:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-3XBPCMRFD6&gtm=45je46h0v9100139776za200&_p=1718851236407&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=729620846.1718851237&ul=ja-jp&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718851236&sct=1&seg=0&dl=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&dt=In-Depth%20Analysis%3A%20Velvet%20Ant%27s%20Prolonged%20Cyber%20Attack%20on%20a%20Large%20Organization&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=906&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3XBPCMRFD6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:400a:80a::200e Osaka, Japan, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 02:40:36 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.sygnia.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 253 B	147ms 36ms	Ping text/plain	2404:6800:4008:c19::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3XBPCMRFD6&cid=729620846.1718851237&gtm=45je46h0v9100139776za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3XBPCMRFD6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4008:c19::9a Taipei, Taiwan, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 02:40:36 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.sygnia.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.co.jp/ads/	42 B 63 B	124ms 64ms	Image image/gif	172.217.25.163 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3XBPCMRFD6&cid=729620846.1718851237&gtm=45je46h0v9100139776za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=784639646 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.25.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS kix06s19-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 02:40:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	261 KB 90 KB	66ms 64ms	Script application/javascript	2404:6800:400a:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-10796050850&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 91ef250f5b010a0596987aee30cce2578cd6c8ef4bb14ca57116582364b39012 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 92543 x-xss-protection 0 last-modified Thu, 20 Jun 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 20 Jun 2024 02:40:36 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	261 KB 90 KB	55ms 55ms	Script application/javascript	2404:6800:400a:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-10796050850&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 83a3e67da24cb948a156c0e6a130d4259ba7618c4135e05667277ad03eb17cba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 92549 x-xss-protection 0 last-modified Thu, 20 Jun 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 20 Jun 2024 02:40:36 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	38 KB 14 KB	52ms 8ms	Script application/javascript	2600:140b:a00:e::b81d:8cce AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:140b:a00:e::b81d:8cce Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 18 Jun 2024 16:47:26 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=64870 accept-ranges bytes content-length 14004
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	13ms 3ms	Script application/javascript	151.101.228.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.228.157 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding gzip last-modified Wed, 27 Mar 2024 23:09:36 GMT x-amz-server-side-encryption AES256 etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15412 x-served-by cache-iad-kiad7000135-IAD, cache-hnd18726-HND
GET H/1.1	200 OK	obtp.js Show response amplify.outbrain.com/cp/	28 KB 9 KB	18ms 7ms	Script application/x-javascript	23.37.117.132 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://amplify.outbrain.com/cp/obtp.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.37.117.132 Tokyo, Japan, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-117-132.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash d1742437f4249d62b230420398cf6c027d28f11b62bae4a731cd10826bb34dc6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 02:40:36 GMT Content-Encoding gzip Last-Modified Sun, 09 Jun 2024 11:13:08 GMT Server AkamaiNetStorage ETag "582c5442aa270e6339a6ebe4378d12cf:1717931858.466651" Vary Accept-Encoding Content-Type application/x-javascript X-RG AS Cache-Control max-age=1200 X-CC JP Connection keep-alive Accept-Ranges bytes Content-Length 8571 Expires Thu, 20 Jun 2024 03:00:36 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	121ms 57ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Thu, 20 Jun 2024 02:40:35 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 50A8A49839B8452586C000DD83C0CB51 Ref B: TYBEDGE0614 Ref C: 2024-06-20T02:40:36Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	tags.js Show response tag.clearbitscripts.com/v1/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/	2 KB 1 KB	304ms 242ms	Script application/javascript	2600:9000:2224:7c00:7:d7d6:3c40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag.clearbitscripts.com/v1/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/tags.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2224:7c00:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Clearbit / Resource Hash 26289e926f95ac9932d88178c690daf5df8af203ffa3b982657e35b3f72d71ab Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - via 1.1 f1f4afba4268f1486380be4c4394d85c.cloudfront.net (CloudFront) server Clearbit strict-transport-security max-age=63072000; includeSubDomains; preload x-amz-cf-pop NRT57-P4 etag W/"9a419a5608a8efc4f0736c99a790fcb8" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript;charset=utf-8 cache-control private, max-age=600 x-amz-cf-id weaHqPz6IgdgwTz8KBBZW_f5NU08Q3dtyoKr5RV3Htdr4GQbiIw4KA==
GET H2	200	fb.js Show response js.hsadspixel.net/	6 KB 4 KB	57ms 5ms	Script application/javascript	2606:4700::6811:80ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8776530.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c114a5641b9988aecb7a00c47bd1d37d912883ff4ef9c3b9fe6ad21603ab1066 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT x-amz-version-id 7Zz_oLsqoY3yHsxt9nM5YRwsj1MKwqFV content-encoding gzip x-content-type-options nosniff via 1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop IAD12-P3 age 11 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.565/bundles/pixels-release.js&cfRay=896864dccffb685a-NRT x-cache Hit from cloudfront x-hubspot-correlation-id e9ed7170-2cf4-48dc-aa93-a47945c4c985 cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod x-envoy-upstream-service-time 1 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id e9ed7170-2cf4-48dc-aa93-a47945c4c985 last-modified Tue, 18 Jun 2024 12:46:30 UTC server cloudflare etag W/"b233ea75981268a81228cd819e8fd5eb" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-rl62l cf-ray 89686525d8e7f5c8-NRT x-amz-cf-id yUFFhC64w-ufmHbQntyAD6UggWhGCjP0pzQ-H2TcIgDXJLCsLoveDA== x-hs-target-asset adsscriptloaderstatic/static-1.565/bundles/pixels-release.js
GET H2	200	web-interactives-embed.js Show response js.hubspot.com/	82 KB 24 KB	251ms 199ms	Script application/javascript	2606:4700::6810:7674 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hubspot.com/web-interactives-embed.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8776530.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a89c8b374ed1c8906af70baa4a0f75993a4a43aa7545786598cf820e4d02517 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Origin https://www.sygnia.co Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding gzip x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1183/bundles/project.js&cfRay=89686525d82faf3c-NRT x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"71d30408e8a4394bc3200e642ab7802d" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control max-age=600 x-hs-target-asset web-interactives-embed/static-2.1183/bundles/project.js date Thu, 20 Jun 2024 02:40:36 GMT x-amz-version-id c.dt9hh6keM4m12BcMYa6Rr6MpVATgRK x-content-type-options nosniff cf-cache-status EXPIRED via 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront) nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id 0aea8046-124d-456a-9c69-3897f9819428 x-cache Hit from cloudfront cache-tag staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod x-envoy-upstream-service-time 17 x-evy-trace-route-configuration listener_https/all x-request-id 0aea8046-124d-456a-9c69-3897f9819428 last-modified Thu, 13 Jun 2024 15:47:04 UTC server cloudflare access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilwTGxIhqOJjjSzh1g%2F0iE2%2FODnCGTM26OYxiDRcHS2ewLQOSk33gMEapR1KSxkbRDZaBJE4CVuk22Tn%2BPwpExuK27ZYw%2B9xxF%2BmiksV7yxoKA2aJLoYpMhEMqXP2bp10aCVCxSyZ%2FlLYcJh"}],"group":"cf-nel","max_age":604800} x-hs-cache-status MISS x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-rcvgx cf-ray 89686525d82faf3c-NRT x-amz-cf-id ekdMh-ma8apjSiD7yyGFj3IeI_zxXqE0GNGRPQ5FSYy6bxxeDAFNWw==
GET H2	200	8776530.js Show response js.hs-analytics.net/analytics/1718851200000/	67 KB 24 KB	262ms 215ms	Script text/javascript	2606:4700::6810:a0a8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1718851200000/8776530.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8776530.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b3c542396dff8231c7cc4f46bf67aad962b55decd65f563b33409cff3871fa7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT x-amz-version-id null content-encoding gzip cf-cache-status MISS x-amz-request-id TE5W9SZVMV6MDHPB x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 04bf5e3a-16c3-4542-9c54-bfdbe7731bd5 x-envoy-upstream-service-time 37 x-amz-id-2 mKOIM6RCXvDg13b6tfvIMy16xuWGmcbobJyxmSoacKnJuAJq8F6Bk2WD3Ajv7afLXfJq+aXIjcU= x-evy-trace-listener listener_https x-request-id 04bf5e3a-16c3-4542-9c54-bfdbe7731bd5 x-evy-trace-route-configuration listener_https/all last-modified Fri, 14 Jun 2024 13:01:07 GMT server cloudflare etag W/"f18eae7233dcb208f542ca0bf4ff2c08" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh cache-control max-age=300,public access-control-allow-credentials false cf-ray 89686525e8fc1f0f-NRT expires Thu, 20 Jun 2024 02:45:36 GMT
GET H2	200	8776530.js Show response js.hs-banner.com/	62 KB 19 KB	62ms 15ms	Script text/javascript	2606:4700:4400::ac40:991b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/8776530.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8776530.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c68393226d3633049135829ab9caba1bdbae820130979d2a7d6a452c4857a68a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT x-amz-version-id cKOjOKHy0gkD3vnvadsggOelDxgHEFKW content-encoding gzip cf-cache-status HIT x-amz-request-id T9N629P56BHKQ8RG x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 74887416-fbb2-4dad-83c9-f64d18fcd213 age 220 x-envoy-upstream-service-time 30 x-amz-id-2 FgDi6uC+i9faxPYcjR0fayHf5BXBKNCtRG2E93D51nQCjPDsl66FwBBn6Gg5Bzk5twM8abbGwyV9+Wvz5EcI6aGNGltBwC/vgl9sRow9Vcc= x-evy-trace-listener listener_https x-request-id 74887416-fbb2-4dad-83c9-f64d18fcd213 x-evy-trace-route-configuration listener_https/all last-modified Fri, 14 Jun 2024 13:01:06 GMT server cloudflare etag W/"2b29ebca7a42fcdc3b13bb1d1998bff9" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://www.sygnia.co x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-9fld2 vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 89686525ec29e0a0-NRT expires Thu, 20 Jun 2024 02:41:56 GMT
GET H2	200	adsct t.co/1/i/	43 B 375 B	152ms 102ms	Image image/gif	117.18.232.195 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=dafd8939-7ac7-4d6c-8dfe-bedaed167b1a&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=dce22439-3aa3-4432-81bd-05a48c44aefb&tw_document_href=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tw_iframe_status=0&txn_id=o706g&type=javascript&version=2.3.30 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 117.18.232.195 , Australia, ASN15133 (EDGECAST, US), Reverse DNS Software tsa_m / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 96 date Thu, 20 Jun 2024 02:40:36 GMT strict-transport-security max-age=0 server tsa_m content-type image/gif;charset=utf-8 x-transaction-id 25849a6061692d16 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 9704523b9df028750a08a0c35885d0b0f144ccfdc3c3d41f00d2302d96d6a203 content-length 43
GET H2	200	adsct analytics.twitter.com/1/i/	43 B 723 B	136ms 96ms	Image image/gif	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=dafd8939-7ac7-4d6c-8dfe-bedaed167b1a&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=dce22439-3aa3-4432-81bd-05a48c44aefb&tw_document_href=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tw_iframe_status=0&txn_id=o706g&type=javascript&version=2.3.30 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_m / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 95 date Thu, 20 Jun 2024 02:40:36 GMT strict-transport-security max-age=631138519 server tsa_m content-type image/gif;charset=utf-8 x-transaction-id 5e516fc99adb9f20 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 55a629bcbcc8b38d321e181dee2e6c26bfeb0adf94a1ac4998ce14e8338c7288 content-length 43
POST H/1.1	200 OK	unifiedPixel tr.outbrain.com/	53 B 513 B	522ms 138ms	Ping image/gif	38.133.127.95 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Full URL https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08635453288866166&referrer=&cht=gtm&marketerId=0022184d276f78b50ef9abadeb48eabd8c&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5 Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.133.127.95 Sacramento, United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS Software / Resource Hash b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 02:40:37 GMT content-encoding br Strict-Transport-Security max-age=31536000; includeSubDomains; preload Access-Control-Allow-Methods GET, POST Content-Type image/gif; Access-Control-Allow-Origin https://www.sygnia.co Cache-Control no-cache Access-Control-Allow-Credentials true X-TraceId 27ddcbc564b26d32244f119f24855aeb Access-Control-Allow-Headers Content-Type, Authorization Content-Length 54
GET H/1.1	200 OK	cachedClickId Show response tr.outbrain.com/	35 B 293 B	512ms 119ms	Script application/javascript	38.133.127.95 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Full URL https://tr.outbrain.com/cachedClickId?marketerId=0022184d276f78b50ef9abadeb48eabd8c Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.133.127.95 Sacramento, United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS Software / Resource Hash 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 02:40:37 GMT content-encoding br Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-TraceId fb556066c8b4331ba3e3dece7dac115f Content-Length 39 Content-Type application/javascript
GET H/1.1	200 OK	0022184d276f78b50ef9abadeb48eabd8c Show response wave.outbrain.com/mtWavesBundler/handler/	2 B 516 B	18ms 7ms	Script text/html	23.37.117.132 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://wave.outbrain.com/mtWavesBundler/handler/0022184d276f78b50ef9abadeb48eabd8c Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.37.117.132 Tokyo, Japan, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-117-132.deploy.static.akamaitechnologies.com Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Thu, 20 Jun 2024 02:40:36 GMT ob-sent-time 1718776472824 ETag W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8" Vary Accept-Encoding Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * X-RG AS Cache-Control max-age=60 X-CC JP Connection keep-alive x-traceid 715c09198e704501fba0cd9653fde21a Content-Length 22 Expires Thu, 20 Jun 2024 02:41:36 GMT
GET H/1.1	200 OK	topics Show response amplify.outbrain.com/	26 B 301 B	22ms 6ms	Fetch text/html	23.37.117.132 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://amplify.outbrain.com/topics Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.37.117.132 Tokyo, Japan, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-117-132.deploy.static.akamaitechnologies.com Software / Resource Hash 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 02:40:36 GMT Observe-Browsing-Topics ?1 Content-Type text/html Access-Control-Allow-Origin * X-RG AS Cache-Control max-age=1200 X-CC JP Connection keep-alive Content-Length 26 Expires Thu, 20 Jun 2024 03:00:36 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 562 B	132ms 105ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer https://www.sygnia.co/ sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 04B62618C86E46A6B160D0CBAD596E8D Ref B: TYAEDGE0910 Ref C: 2024-06-20T02:40:36Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 access-control-allow-origin https://www.sygnia.co x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYbST1lDWJ7WX3P1YshoA==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 760 B	133ms 109ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=4003889&time=1718851236786&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept * Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding gzip x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 1F8D043BA73C4E169061E4DFACAD35C7 Ref B: TYAEDGE0808 Ref C: 2024-06-20T02:40:36Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-lor1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYbST1lEjl0rBD7j9WN3A== x-fs-uuid 00061b493d65123974ac10fb8fd58ddc
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1718851236786&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tm=gtmv2 https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1718851236786&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tm=gtmv2&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4003889%26time%3D1718851236786%26url%3Dhttps%253A%252F%252Fwww.sygnia.co%252Fblog... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1718851236786&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tm=gtmv2&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1718851236786&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tm=gtmv2&cookiesTest=true&liSync=true&...	0 488 B	163ms 145ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1718851236786&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJrWOBOYjH3MQAAAZAzhHXiUNUHJmhrAEd72B-EcUijg75_hZO3EM-otX072IQMY66gQA Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer https://www.sygnia.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 20 Jun 2024 02:40:37 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: D9CBEAB6ECFA45FE929FB68587B16CB4 Ref B: TYAEDGE0706 Ref C: 2024-06-20T02:40:37Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAYbST1u4Up/2ujg3ZzDng== Redirect headers date Thu, 20 Jun 2024 02:40:36 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: A8BAFA2AA20E4D84B4CC226B8C7A5E5F Ref B: TYAEDGE0910 Ref C: 2024-06-20T02:40:37Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1718851236786&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJrWOBOYjH3MQAAAZAzhHXiUNUHJmhrAEd72B-EcUijg75_hZO3EM-otX072IQMY66gQA x-li-proto http/2 content-length 0 x-li-uuid AAYbST1sXZhS2Y9S5WgAaQ==
GET H2	200	json Show response api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/	114 B 1 KB	217ms 195ms	XHR application/json	2606:4700::6812:f16c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=8776530 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:f16c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f95beea21004e6e9ebb0833f42a3f497c4b38e06351270eaa32abff79dc94495 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id f8ae24b3-c382-4787-97b9-517de763c340 content-encoding br x-envoy-upstream-service-time 4 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id f8ae24b3-c382-4787-97b9-517de763c340 server cloudflare vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.sygnia.co x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-4ldzq access-control-max-age 180 access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oby9U2OssN1vxv5B3%2FnxBYs0dgv4BERH0xEaZGTMYhsEfrjZdBkTBbOK7LGPEbzUXTEt8eZPq2Ee2cV6eRBEi%2FCazfibX9i3gBvxNgZf1kJPbw8%2BRsGLU9UeVgt7Y64FY5uAm435JdK14W%2Fo"}],"group":"cf-nel","max_age":604800} cf-ray 8968652629ea1d67-NRT access-control-allow-headers *
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/10796050850/	4 KB 1 KB	99ms 49ms	Script text/javascript	142.250.76.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10796050850/?random=1718851236836&cv=11&fst=1718851236836&bg=ffffff&guid=ON&async=1&gtm=45be46h0v9113921578z8852649347za201zb852649347&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&hn=www.googleadservices.com&frm=0&tiba=In-Depth%20Analysis%3A%20Velvet%20Ant%27s%20Prolonged%20Cyber%20Attack%20on%20a%20Large%20Organization&npa=0&pscdl=noapi&auid=1623701962.1718851237&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-10796050850&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS kix07s06-in-f2.1e100.net Software cafe / Resource Hash c176101660555e8ab350267c67234a619ca10b1a8f3170c11ead49a6f9b01c80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1509 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/10796050850/	4 KB 2 KB	73ms 65ms	Script text/javascript	142.250.76.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10796050850/?random=1718851236870&cv=11&fst=1718851236870&bg=ffffff&guid=ON&async=1&gtm=45be46h0v9113921578z8852649347za200zb852649347&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&hn=www.googleadservices.com&frm=0&tiba=In-Depth%20Analysis%3A%20Velvet%20Ant%27s%20Prolonged%20Cyber%20Attack%20on%20a%20Large%20Organization&npa=0&pscdl=noapi&auid=1623701962.1718851237&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10796050850&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS kix07s06-in-f2.1e100.net Software cafe / Resource Hash b812358904484c750f2d97e060c2e6777765a663f40a21c68a7e9dc40fc1eaf1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 02:40:36 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1525 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	187039095.js Show response bat.bing.com/p/action/	4 KB 2 KB	55ms 54ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/187039095.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 213f888fdda0335db8ba19d530207cfff84a89b4efb1e8dba6b436dccc8db309 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Thu, 20 Jun 2024 02:40:36 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: CCAF45EE49ED4A60901F95D2DEC1D540 Ref B: TYBEDGE0614 Ref C: 2024-06-20T02:40:36Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
GET H2	204	0 bat.bing.com/action/	0 360 B	50ms 50ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=187039095&Ver=2&mid=db9c97f9-e7fe-4f45-9db3-4b0e504f7988&sid=797948602eae11ef9583b92eecb50a92&vid=797943c02eae11ef9028c1aa7c2c1691&vids=1&msclkid=N&pi=918639831&lg=ja-JP&sw=1600&sh=1200&sc=24&tl=In-Depth%20Analysis%3A%20Velvet%20Ant%27s%20Prolonged%20Cyber%20Attack%20on%20a%20Large%20Organization&p=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&r=&lt=828&evt=pageLoad&sv=1&rn=91528 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Jun 2024 02:40:36 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 4C8FCD37C5B7456C8B3A553848CF3ED0 Ref B: TYBEDGE0614 Ref C: 2024-06-20T02:40:36Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET		187039095 www.clarity.ms/tag/uet/	0 0
GET H3	200	/ www.google.com/pagead/1p-user-list/10796050850/	42 B 64 B	108ms 48ms	Image image/gif	172.217.25.164 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10796050850/?random=1718851236836&cv=11&fst=1718848800000&bg=ffffff&guid=ON&async=1&gtm=45be46h0v9113921578z8852649347za201zb852649347&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&hn=www.googleadservices.com&frm=0&tiba=In-Depth%20Analysis%3A%20Velvet%20Ant%27s%20Prolonged%20Cyber%20Attack%20on%20a%20Large%20Organization&npa=0&pscdl=noapi&auid=1623701962.1718851237&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLQu5aD9u4E0mhBb_-RIZaBb1xhevVZw&random=3894896062&rmt_tld=0&ipr=y Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.25.164 , United States, ASN15169 (GOOGLE, US), Reverse DNS kix06s19-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 02:40:37 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.co.jp/pagead/1p-user-list/10796050850/	42 B 64 B	56ms 54ms	Image image/gif	172.217.25.163 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.jp/pagead/1p-user-list/10796050850/?random=1718851236836&cv=11&fst=1718848800000&bg=ffffff&guid=ON&async=1&gtm=45be46h0v9113921578z8852649347za201zb852649347&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&hn=www.googleadservices.com&frm=0&tiba=In-Depth%20Analysis%3A%20Velvet%20Ant%27s%20Prolonged%20Cyber%20Attack%20on%20a%20Large%20Organization&npa=0&pscdl=noapi&auid=1623701962.1718851237&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLQu5aD9u4E0mhBb_-RIZaBb1xhevVZw&random=3894896062&rmt_tld=1&ipr=y Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.25.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS kix06s19-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 02:40:36 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/10796050850/	42 B 64 B	97ms 48ms	Image image/gif	172.217.25.164 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10796050850/?random=1718851236870&cv=11&fst=1718848800000&bg=ffffff&guid=ON&async=1&gtm=45be46h0v9113921578z8852649347za200zb852649347&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&hn=www.googleadservices.com&frm=0&tiba=In-Depth%20Analysis%3A%20Velvet%20Ant%27s%20Prolonged%20Cyber%20Attack%20on%20a%20Large%20Organization&npa=0&pscdl=noapi&auid=1623701962.1718851237&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLooppmHp4M26BKEDNPzeuwF1ov-YJSw&random=2409182027&rmt_tld=0&ipr=y Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.25.164 , United States, ASN15169 (GOOGLE, US), Reverse DNS kix06s19-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 02:40:37 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.co.jp/pagead/1p-user-list/10796050850/	42 B 64 B	51ms 51ms	Image image/gif	172.217.25.163 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.jp/pagead/1p-user-list/10796050850/?random=1718851236870&cv=11&fst=1718848800000&bg=ffffff&guid=ON&async=1&gtm=45be46h0v9113921578z8852649347za200zb852649347&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&hn=www.googleadservices.com&frm=0&tiba=In-Depth%20Analysis%3A%20Velvet%20Ant%27s%20Prolonged%20Cyber%20Attack%20on%20a%20Large%20Organization&npa=0&pscdl=noapi&auid=1623701962.1718851237&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLooppmHp4M26BKEDNPzeuwF1ov-YJSw&random=2409182027&rmt_tld=1&ipr=y Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.25.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS kix06s19-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 02:40:36 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	combinedConfigs Show response cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/	61 B 1 KB	207ms 206ms	Fetch application/json	2606:4700::6810:7674 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=8776530&currentUrl=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F Requested by Host: js.hubspot.com URL: https://js.hubspot.com/web-interactives-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id b3132971-79c4-4b18-be17-42fa532c583e content-encoding br x-envoy-upstream-service-time 15 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id b3132971-79c4-4b18-be17-42fa532c583e server cloudflare vary origin access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://www.sygnia.co x-evy-trace-virtual-host all access-control-max-age 180 access-control-allow-credentials true cache-control max-age=0, no-cache, no-store report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3saUwxAAfU7IdkFV%2Bv3nnwMxH5U02J0bOe2t5xwncmzu%2B5%2B6qZNhLR1sC34X6SfRlSTIdrC6OIdQISLpFrik7LZ11XRAR%2FpJwls%2FUEkPDi38E7EUb82SFyA%2FfM71ac9%2FfltY2FfhSsR5htWaSSExMT0guNTCKzzwYEQ%3D"}],"group":"cf-nel","max_age":604800} x-robots-tag noindex, follow access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent cf-ray 8968652739e4af3c-NRT x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-46nrs
GET H2	200	destinations.min.js Show response x.clearbitjs.com/v2/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/	0 21 B	500ms 335ms	Script application/javascript	18.138.153.215 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://x.clearbitjs.com/v2/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/destinations.min.js Requested by Host: tag.clearbitscripts.com URL: https://tag.clearbitscripts.com/v1/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.138.153.215 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-138-153-215.ap-southeast-1.compute.amazonaws.com Software Clearbit / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-envoy-response-flags - server Clearbit content-type application/javascript;charset=utf-8 cache-control private, max-age=600 content-length 0
GET H2	200	tracking.min.js Show response x.clearbitjs.com/v2/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/	168 KB 45 KB	430ms 265ms	Script application/javascript	18.138.153.215 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://x.clearbitjs.com/v2/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/tracking.min.js Requested by Host: tag.clearbitscripts.com URL: https://tag.clearbitscripts.com/v1/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.138.153.215 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-138-153-215.ap-southeast-1.compute.amazonaws.com Software Clearbit / Resource Hash 70ab4589cd875991dcba608ed58a37c165dda5645b767690b14587c7444a38d5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:36 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - server Clearbit strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control private, max-age=600
GET H3	200	counters.gif forms-na1.hsforms.com/embed/v3/	35 B 884 B	218ms 200ms	Image image/gif	104.19.175.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 3e31f9d0-6c42-41b4-873d-9dcce55864e5 x-envoy-upstream-service-time 9 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 3e31f9d0-6c42-41b4-873d-9dcce55864e5 server cloudflare vary origin content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-8jmrd access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none cf-ray 896865288ed3735e-NRT
GET DATA	200 OK	truncated /	246 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7780e9c2bb62d651ef56f3d7800e3ef686e424c0c27d9cead2e15b075d28174 Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	counters.gif forms-na1.hsforms.com/embed/v3/	35 B 845 B	189ms 189ms	Image image/gif	104.19.175.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 5cc00aae-9b6d-4ac4-b478-56e25571c35d x-envoy-upstream-service-time 2 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 5cc00aae-9b6d-4ac4-b478-56e25571c35d server cloudflare vary origin content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-h57s4 access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none cf-ray 896865289ef0735e-NRT
GET H3	200	counters.gif perf-na1.hsforms.com/embed/v3/	35 B 889 B	207ms 207ms	Image image/gif	104.19.175.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 1c860603-0f46-493e-80fb-7969753c9a1e x-envoy-upstream-service-time 5 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 1c860603-0f46-493e-80fb-7969753c9a1e last-modified Thu, 20 Jun 2024 02:40:37 GMT server cloudflare vary origin, Accept-Encoding content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-4lbrq access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false accept-ranges bytes x-robots-tag none cf-ray 89686528aef4735e-NRT
POST H2	200	p Show response app.clearbit.com/v1/	16 B 1 KB	463ms 262ms	XHR application/json	122.248.209.238 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.clearbit.com/v1/p Requested by Host: x.clearbitjs.com URL: https://x.clearbitjs.com/v2/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/tracking.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.248.209.238 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-122-248-209-238.ap-southeast-1.compute.amazonaws.com Software Clearbit / Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Thu, 20 Jun 2024 02:40:37 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - server Clearbit strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding, Origin access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://www.sygnia.co access-control-expose-headers content-security-policy-report-only default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; access-control-allow-credentials true content-type application/json
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	214ms 201ms	Image image/gif	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=ja-jp&bfp=16658556&v=1.1&a=8776530&rcu=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&pu=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&t=In-Depth+Analysis%3A+Velvet+Ant%27s+Prolonged+Cyber+Attack+on+a+Large+Organization&cts=1718851237588&vi=8c719b4470326cb6cc31cd3f440981ae&nc=true&u=147695848.8c719b4470326cb6cc31cd3f440981ae.1718851237584.1718851237584.1718851237584.1&b=147695848.1.1718851237584&pt=0&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id ca635aab-66b1-4e4a-9817-e5ea0baf5899 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 11 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id ca635aab-66b1-4e4a-9817-e5ea0baf5899 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0f7gmj7e1kgNsvFoENAvjuR4yvuwswEZYWEKhZ2zpg9u%2FyPZeJ%2BUzos%2F91eHP0jELNN3xLM4EucHSabOrkOyie1RO298nuTdrdUQjLWRyumVv9lMx5ym%2Bg8oGc4c%2BK7ziRyAHqtZtc9fk1JlKIcj"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-wmbn8 x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 8968652b09a5f689-NRT x-robots-tag none
GET H2	200	__ptq.gif track.hubspot.com/	45 B 746 B	216ms 208ms	Image image/gif	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=15&fi=1ad9c304-415a-4d9d-ba10-a5145c1db1c3&fci=5b589f7a-5268-4986-93fc-add8b72b601f&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=ja-jp&bfp=16658556&v=1.1&a=8776530&rcu=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&pu=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&t=In-Depth+Analysis%3A+Velvet+Ant%27s+Prolonged+Cyber+Attack+on+a+Large+Organization&cts=1718851237591&vi=8c719b4470326cb6cc31cd3f440981ae&nc=true&u=147695848.8c719b4470326cb6cc31cd3f440981ae.1718851237584.1718851237584.1718851237584.1&b=147695848.1.1718851237584&pt=0&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 28cf296e-ab91-49fc-9dde-fbb67dab1e24 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 6 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 28cf296e-ab91-49fc-9dde-fbb67dab1e24 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p7WxXMM9meIJciknR668u78iDo22hnd0EyKwXCZOO4ZjDPM%2FsZ%2FX4MeZ5u3UMuovjpaX8XxA7qX0Z9Ii9Wkyp2YJjG7Dr40R8%2B4Oealc0TAhTVcL13WpADMOtsDwyT8afOneSDw0gZ6HpcaFtOXP"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-9rddg x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 8968652b09a8f689-NRT x-robots-tag none
GET H2	200	__ptq.gif track.hubspot.com/	45 B 743 B	214ms 210ms	Image image/gif	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=15&fi=1ad9c304-415a-4d9d-ba10-a5145c1db1c3&fci=57129f0e-1e68-449b-8d94-10d6a9eda43a&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=ja-jp&bfp=16658556&v=1.1&a=8776530&rcu=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&pu=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fchina-nexus-threat-group-velvet-ant%2F&t=In-Depth+Analysis%3A+Velvet+Ant%27s+Prolonged+Cyber+Attack+on+a+Large+Organization&cts=1718851237592&vi=8c719b4470326cb6cc31cd3f440981ae&nc=true&u=147695848.8c719b4470326cb6cc31cd3f440981ae.1718851237584.1718851237584.1718851237584.1&b=147695848.1.1718851237584&pt=0&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 6a986da6-b142-41af-a3aa-e09c26784c2f p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 21 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 6a986da6-b142-41af-a3aa-e09c26784c2f server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BWP90U6IEeqD3hABg7q7EQv4KVo2TRvdq9OO8TnDNq7dfJ8eJU2mv7GXqXtoU7xknRSyuBma8OTFcmtUaGJCrK2r73joXqNafLq8ZbUu5OZ8NyXxYL7z0CSyDJnxlKHqtjwRBDd9Fcuct4CIWjtz"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-nmffp x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 8968652b09a9f689-NRT x-robots-tag none
GET H3	200	favicon.png www.sygnia.co/wp-content/uploads/2023/12/	436 B 682 B	35ms 34ms	Other image/webp	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://www.sygnia.co/wp-content/uploads/2023/12/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash df445b82b8f1b521ce3fd100a095e0325d352c8b7becbc6f01b224e6094ebe09 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:37 GMT cf-cache-status HIT age 224926 cf-polished origFmt=png, origSize=551 content-disposition inline; filename="favicon.webp" alt-svc h3=":443"; ma=86400 content-length 436 cf-bgj imgq:100,h2pri last-modified Mon, 17 Jun 2024 09:50:45 GMT server cloudflare etag "667006f5-227" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8968652b0c873438-NRT
GET H3	200	favicon-32x32.png www.sygnia.co/	486 B 737 B	16ms 15ms	Other image/webp	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://www.sygnia.co/favicon-32x32.png Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash b3765ce25bc41a6c1daed0c1f6157ea03e37ed4094bff0a008a9437c1442cfdf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 02:40:37 GMT cf-cache-status HIT age 224926 cf-polished origFmt=png, origSize=1121 content-disposition inline; filename="favicon-32x32.webp" alt-svc h3=":443"; ma=86400 content-length 486 cf-bgj imgq:100,h2pri last-modified Mon, 17 Jun 2024 09:50:38 GMT server cloudflare etag "667006ee-461" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8968652b4cbd3438-NRT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.clarity.ms

URL

https://www.clarity.ms/tag/uet/187039095?insights=1