Submitted URL: http://cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Effective URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Submission: On January 10 via api from DE — Scanned from JP

Summary

This website contacted 19 IPs in 5 countries across 15 domains to perform 102 HTTP transactions. The main IP is 2606:4700:10::ac43:18d6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cyfirma.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.
This is the only time www.cyfirma.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.182.94.20 16509 (AMAZON-02)
72 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.65.207.72 16509 (AMAZON-02)
5 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
2 2600:140b:1a0... 20940 (AKAMAI-ASN1)
2 2620:1ec:bdf::46 8075 (MICROSOFT...)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 20.96.88.162 8075 (MICROSOFT...)
1 2 20.205.115.81 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2604:a880:4:1... 14061 (DIGITALOC...)
102 19
Apex Domain | Subdomains | Transfer
73 cyfirma.com | cyfirma.com, www.cyfirma.com | 2 MB
6 linkedin.com | px.ads.linkedin.com (Cisco Umbrella Rank: 778), www.linkedin.com (Cisco Umbrella Rank: 944), px4.ads.linkedin.com (Cisco Umbrella Rank: 7294) | 5 KB
6 clarity.ms | www.clarity.ms (Cisco Umbrella Rank: 1280), k.clarity.ms (Cisco Umbrella Rank: 59940), c.clarity.ms (Cisco Umbrella Rank: 2579) | 28 KB
5 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 114) | 403 KB
4 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 101) | 21 KB
4 gstatic.com | fonts.gstatic.com, www.gstatic.com | 225 KB
2 licdn.com | snap.licdn.com (Cisco Umbrella Rank: 1877) | 16 KB
2 google.com | www.google.com (Cisco Umbrella Rank: 6), analytics.google.com (Cisco Umbrella Rank: 266) | 1 KB
2 cloudflare.com | challenges.cloudflare.com (Cisco Umbrella Rank: 4701) | 12 KB
1 cleantalk.org | moderate1.cleantalk.org (Cisco Umbrella Rank: 531658) | 364 B
1 bing.com | c.bing.com (Cisco Umbrella Rank: 539) | 760 B
1 google.co.jp | www.google.co.jp (Cisco Umbrella Rank: 17094) | 408 B
1 doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 184) | 245 B
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 115) | 1 KB
1 fw-cdn.com | in.fw-cdn.com (Cisco Umbrella Rank: 418440) | 86 KB
102 15
Domain Requested by
72 www.cyfirma.com www.cyfirma.com
5 www.googletagmanager.com www.cyfirma.com
www.googletagmanager.com
www.google-analytics.com
4 px.ads.linkedin.com 3 redirects snap.licdn.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
2 c.clarity.ms 1 redirects
2 k.clarity.ms www.clarity.ms
2 www.clarity.ms www.cyfirma.com
www.clarity.ms
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 challenges.cloudflare.com 1 redirects www.cyfirma.com
1 moderate1.cleantalk.org
1 c.bing.com 1 redirects
1 www.google.co.jp www.cyfirma.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 px4.ads.linkedin.com www.cyfirma.com
1 www.linkedin.com 1 redirects
1 www.gstatic.com www.google.com
1 fonts.googleapis.com www.cyfirma.com
1 www.google.com www.cyfirma.com
1 in.fw-cdn.com www.cyfirma.com
1 cyfirma.com 1 redirects
102 22

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
www.linkedin.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-14 - 2024-05-13 | a year
*.fw-cdn.com | Amazon RSA 2048 M02 | 2023-12-24 - 2025-01-21 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
www.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
*.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.google.co.jp | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
a.clarity.ms | Microsoft Azure TLS Issuing CA 06 | 2023-02-13 - 2024-02-08 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2023-11-03 - 2024-05-03 | 6 months
*.cleantalk.org | Sectigo RSA Domain Validation Secure Server CA | 2023-09-07 - 2024-09-24 | a year


This page contains 1 frames:

Primary Page: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Frame ID: 55D0A3A81F4B6FC8A18CAB10FA772D8D
Requests: 102 HTTP requests in this frame

Page Title

A GAMER TURNED MALWARE DEVELOPER : DIVING INTO SILVERRAT AND IT’S SYRIAN ROOTS - CYFIRMA

Detected technologies

Overall confidence: 100%
Detected patterns
  • /particles(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 102
HTTPS: 97 %
IPv6: 76 %
Domains: 15
Subdomains: 22
IPs: 19
Countries: 5
Transfer: 2359 kB
Size: 4666 kB
Cookies: 43

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/ HTTP 301
    https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js
Request Chain 87
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892370651&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892370651&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4091476%26time%3D1704892370651%26url%3Dhttps%253A%252F%252Fwww.cyfirma.com%252Foutofband%252Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892370651&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892370651&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&cookiesTest=true&liSync=true&e_ipv6=AQLzll8ZjWf3IwAAAYzzgRBz1As1CHOpyUd0J9s3sSualw8IChVI6Rd0QKxOcZoZ8OBgdQ
Request Chain 98
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6E9294E8A5C04F0DB0FA91F3BC51C6D5&RedC=c.clarity.ms&MXFR=36B0480EA7256BA621C95C0CA3256577 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6E9294E8A5C04F0DB0FA91F3BC51C6D5&MUID=170A4C620BEB63D9183858600A196295

102 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Redirect Chain
  • http://cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
  • https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
115 KB
34 KB
Document
General
Full URL
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
360197d0049d6ec7819e9403de215bc4b7bb628fd34f90e5a8897c08e03dfa02
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
https://www.cyfirma.com/
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84352c73fbfe3c17-NRT
content-encoding
gzip
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
content-type
text/html; charset=UTF-8
date
Wed, 10 Jan 2024 13:12:50 GMT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.cyfirma.com/wp-json/>; rel="https://api.w.org/" <https://www.cyfirma.com/wp-json/wp/v2/out-of-band/23176>; rel="alternate"; type="application/json" <https://www.cyfirma.com/?p=23176>; rel=shortlink
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Wed, 10 Jan 2024 13:12:47 GMT
Location
https://www.cyfirma.com:443/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Server
awselb/2.0
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
256
content-length
0
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"0-5e56a3f9b7500"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817ed73c17-NRT
blocks.css
www.cyfirma.com/template/assets/css/
8 KB
1 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/blocks.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
738d4cf265345f71cce17d9a69eb8f20df5de1fa2a6e5be1c6ca76824cf8745a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
1447
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"1e35-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817eda3c17-NRT
bootstrap.min.css
www.cyfirma.com/template/assets/css/
156 KB
23 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/bootstrap.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b23a5e62bb16bd36bfa1555d3f741821201496ac4b6d2cc974549568adadec88
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
23649
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"26eee-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817edb3c17-NRT
fontawesome.min.css
www.cyfirma.com/template/assets/css/
55 KB
12 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/fontawesome.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425a515894a7215256e54706cc640acbb4fb34fd17eb29b374846d8b106e6f8e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1923
content-length
12157
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"da62-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817edc3c17-NRT
all.css
www.cyfirma.com/template/assets/css/
77 KB
16 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/all.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4948aa9fd1875b6f894bf7ac085914baf38bc27d8b0699864a849c7b7f233ca7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
16190
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"135ba-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817edf3c17-NRT
jquery.fancybox.css
www.cyfirma.com/template/assets/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/jquery.fancybox.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf8b2588497dcd12fa96a75731c6ec327491f8d55f18da0af72b70afa6713af
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1923
content-length
3486
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"382f-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817ee03c17-NRT
slick.css
www.cyfirma.com/template/assets/css/
1 KB
600 B
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/slick.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1f806310322c848c4c996ca568a03b3b16cf9487cbccf09aef3cf17e2c643d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
490
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"534-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817ee33c17-NRT
jquery.mCustomScrollbar.css
www.cyfirma.com/template/assets/css/
42 KB
4 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/jquery.mCustomScrollbar.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40790d44e3deecffafb17b8cdd23a754eabb0faee9c6dfeb3a3b7b17c2fbaa6a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
3989
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"a8a2-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817ee53c17-NRT
custom-style.css
www.cyfirma.com/template/assets/css/
75 KB
15 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/custom-style.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893457445b0ccaec3a0dcdcafc1fae03a4184efc7ccd112c5433d65c1101533a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
14863
x-xss-protection
1; mode=block
last-modified
Mon, 07 Nov 2022 05:06:34 GMT
server
cloudflare
etag
"12cd7-5ecda6325ca80-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817ee73c17-NRT
new-custom-style.css
www.cyfirma.com/template/assets/css/
257 B
254 B
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/new-custom-style.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8e5aea71b92d5bc2e05586277048d2b3b558e75aa7df216a28e4b77bceecc8d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1923
content-length
145
x-xss-protection
1; mode=block
last-modified
Mon, 05 Sep 2022 12:51:37 GMT
server
cloudflare
etag
"101-5e7ed8a4b2840-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817eea3c17-NRT
responsive.css
www.cyfirma.com/template/assets/css/
36 KB
7 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/responsive.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf1bb5e4b0212164c1cedcbc1cf2d8b7cc399077fc89875d6bbdfbb349571f4
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1923
content-length
7245
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 14:49:25 GMT
server
cloudflare
etag
"8e81-5eb786e702740-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817eec3c17-NRT
jquery.min.js
www.cyfirma.com/template/assets/js/
87 KB
30 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/jquery.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1923
content-length
30910
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"15d84-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817eef3c17-NRT
devtools-detect.js
www.cyfirma.com/apps/wp-hide-security-enhancer/assets/js/
1 KB
1 KB
Script
General
Full URL
https://www.cyfirma.com/apps/wp-hide-security-enhancer/assets/js/devtools-detect.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa4c3d21c2a86169948b5acc1bf4a8589bd4898c5bca6f46a20ae8727b30179
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
536
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 10:15:59 GMT
server
cloudflare
etag
"59f-5eb749c9075c0-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817ef03c17-NRT
apbct-public-bundle.min.js
www.cyfirma.com/apps/cleantalk-spam-protect/js/
44 KB
12 KB
Script
General
Full URL
https://www.cyfirma.com/apps/cleantalk-spam-protect/js/apbct-public-bundle.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b83c6996b8b62de253d21d5c66caef7e9475d216b125c183a3231aa342cc1eaf
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1923
content-length
12299
x-xss-protection
1; mode=block
last-modified
Fri, 18 Nov 2022 06:38:54 GMT
server
cloudflare
etag
"b1d9-5edb8f59c9b80-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817ef23c17-NRT
script.js
www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/
2 KB
826 B
Script
General
Full URL
https://www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/script.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b2d1114a960c43692ad2909005aa641bc406fb1f6c5714bc2d2185b5c3b2129
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1923
content-length
637
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:22:51 GMT
server
cloudflare
etag
"768-5e56a3f1220c0-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817ef53c17-NRT
js
www.googletagmanager.com/gtag/
188 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-80179732-4
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b255ade25a6f2c7887e210f249b590271eb560a1e54ecc7b17dc7230baf22a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69228
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jan 2024 13:12:50 GMT
CyfirmaLogoWhite.svg
www.cyfirma.com/media/2022/08/
18 KB
7 KB
Image
General
Full URL
https://www.cyfirma.com/media/2022/08/CyfirmaLogoWhite.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07ce60e24df059952c6c4f6a82cdb94603280a563a2c2e467f71dc712d0892a7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1923
x-xss-protection
1; mode=block
last-modified
Mon, 08 Aug 2022 05:08:58 GMT
server
cloudflare
etag
W/"465e-5e5b3d02bee80"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=28800
cf-ray
84352c817ef63c17-NRT
en.png
www.cyfirma.com/media/flags/
1012 B
1 KB
Image
General
Full URL
https://www.cyfirma.com/media/flags/en.png
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82368a28809e066c7a394775e69bc6ce1ca857317222b8b0ea4ffe53ae5b5f3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
256
content-length
1012
x-xss-protection
1; mode=block
last-modified
Fri, 23 Sep 2022 07:10:14 GMT
server
cloudflare
etag
"3f4-5e952de8e2180"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c817ef73c17-NRT
game-fe.jpg
www.cyfirma.com/media/2024/01/
80 KB
80 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-fe.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4813a394e45fd92bcc4ea6f2c58aad3c7a705a3f919be52bc8cc1ae3d780bf27
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3254
content-length
81545
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:54 GMT
server
cloudflare
etag
"13e89-60e090105f4b0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c81cf853c17-NRT
game-1.jpg
www.cyfirma.com/media/2024/01/
35 KB
36 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-1.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b22ab3b9fcb87360c73ec15bcb41922631c3c885f6655ad765cad19a8bc4873
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3254
content-length
36132
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:27 GMT
server
cloudflare
etag
"8d24-60e08ff5fbad8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c81df883c17-NRT
game-2.jpg
www.cyfirma.com/media/2024/01/
33 KB
33 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-2.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a165a7c7659182efd6321498ed0769dbd1a2962514cf9ab4d78edd79623fcd3e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3254
content-length
33450
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:24 GMT
server
cloudflare
etag
"82aa-60e08ff3c7b68"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299113c17-NRT
game-3.jpg
www.cyfirma.com/media/2024/01/
20 KB
21 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-3.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a9b84b9b18224ebadcc2d87504030ba4e6441464bfd8526072ef21ac6af94f0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3254
content-length
20786
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:23 GMT
server
cloudflare
etag
"5132-60e08ff21fa40"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299123c17-NRT
game-4.jpg
www.cyfirma.com/media/2024/01/
54 KB
54 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-4.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81aa5cbc19aa26564505a051e0222deb4b4c2c4eec6df548107e009ce753f8d2
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
256
content-length
55011
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:21 GMT
server
cloudflare
etag
"d6e3-60e08ff047b78"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299153c17-NRT
game-5.jpg
www.cyfirma.com/media/2024/01/
5 KB
6 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-5.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94abca203c15bd422d0e66e1c49755ea348088e2cebc10426464bc4aaa0f6207
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3254
content-length
5624
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:19 GMT
server
cloudflare
etag
"15f8-60e08fee60e68"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299163c17-NRT
game-6.jpg
www.cyfirma.com/media/2024/01/
24 KB
24 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-6.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4bbe64fbb54cf16c604fb0a3516b05712f98e18efaeee113025beeb70c252e9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3254
content-length
24203
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:16 GMT
server
cloudflare
etag
"5e8b-60e08fec2fdd8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82991a3c17-NRT
game-7.jpg
www.cyfirma.com/media/2024/01/
23 KB
23 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-7.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d08b3c4e0d31ee8c5be246045c0424c3ce505645aab663364ec8bd8eaf37592
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3253
content-length
23128
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:15 GMT
server
cloudflare
etag
"5a58-60e08fea9a1a8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82991c3c17-NRT
game-8.jpg
www.cyfirma.com/media/2024/01/
22 KB
23 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-8.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8937050d83a758064ca7c345d51c4dd96ebb950a17a9f0242680d546b32ce5a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3253
content-length
22993
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:13 GMT
server
cloudflare
etag
"59d1-60e08fe87dd20"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82991e3c17-NRT
game-9.jpg
www.cyfirma.com/media/2024/01/
26 KB
26 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-9.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29bfb862f8695877b9520dbfb08d1774c96d1bbc5c910825fcd664ed92d26590
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3253
content-length
26164
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:11 GMT
server
cloudflare
etag
"6634-60e08fe6ba678"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82991f3c17-NRT
game-10.jpg
www.cyfirma.com/media/2024/01/
23 KB
23 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-10.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f0821b7f02d92d9e2edfc85f833468f09ba25818636baa69f54f36ca3b8054
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
256
content-length
23773
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:08 GMT
server
cloudflare
etag
"5cdd-60e08fe4899d0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299213c17-NRT
game-11.jpg
www.cyfirma.com/media/2024/01/
38 KB
38 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-11.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9543edfb5dc8f9d0cf2518a9aab7259016f28581732641916e3ab81e1cef41f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3253
content-length
38561
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:07 GMT
server
cloudflare
etag
"96a1-60e08fe2d16d8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299223c17-NRT
game-12.jpg
www.cyfirma.com/media/2024/01/
34 KB
34 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-12.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94dd11355000b0cecf42078c7b07c4b60a96d2ac812c87638e7fc66a7e0b866
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3253
content-length
34837
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:05 GMT
server
cloudflare
etag
"8815-60e08fe144360"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299243c17-NRT
game-13.jpg
www.cyfirma.com/media/2024/01/
115 KB
116 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-13.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e191a8f0f3409ba0230d22fc8c72e49e09b295acfb32355fe0d9f303941a558
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3253
content-length
118139
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:04 GMT
server
cloudflare
etag
"1cd7b-60e08fdff8e98"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299253c17-NRT
game-14.jpg
www.cyfirma.com/media/2024/01/
50 KB
51 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-14.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd3b652748e8e94f3b6b76d41becbb29b31ee51f4b6a488346a0e4e49463a70
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3253
content-length
51675
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:02 GMT
server
cloudflare
etag
"c9db-60e08fde29888"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299263c17-NRT
game-15.jpg
www.cyfirma.com/media/2024/01/
35 KB
35 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-15.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8fcb863e9702bbbf1786ed6a0516907748eb7243b9f595e812d8b8dd443c0d3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3253
content-length
35944
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:34:00 GMT
server
cloudflare
etag
"8c68-60e08fdc884c0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299283c17-NRT
game-16.jpg
www.cyfirma.com/media/2024/01/
23 KB
23 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-16.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1c3d9ebb615025fc6e72a353af5c9060e9457c8143aa044e9d7e30682ef44ec
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
256
content-length
23080
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:58 GMT
server
cloudflare
etag
"5a28-60e08fdb08438"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82992a3c17-NRT
game-17.jpg
www.cyfirma.com/media/2024/01/
62 KB
62 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-17.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f1d89b9c373054ecf43ccd99500a7bd903dbf7d41f40dc697bc6fc5dffd7b4
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3253
content-length
62990
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:56 GMT
server
cloudflare
etag
"f60e-60e08fd91a9c8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82992b3c17-NRT
game-18.jpg
www.cyfirma.com/media/2024/01/
48 KB
48 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-18.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
114f4522eee1d9ff4754183088a405ab26fd9069a124e4b97f42a95ef95171d5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
256
content-length
48687
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:55 GMT
server
cloudflare
etag
"be2f-60e08fd75b1a0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82992e3c17-NRT
game-19.jpg
www.cyfirma.com/media/2024/01/
34 KB
34 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-19.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b06c480414c04b76546b7601ae434ee037f1a2f3d2c368fea636b4ec60a30cb5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3253
content-length
34540
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:53 GMT
server
cloudflare
etag
"86ec-60e08fd559ac8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299303c17-NRT
game-20.jpg
www.cyfirma.com/media/2024/01/
21 KB
21 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-20.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0160289f88acaad5015d6305885ffbedbade942652a0b8f2bac34ebcf7bde9f2
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
256
content-length
21302
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:51 GMT
server
cloudflare
etag
"5336-60e08fd3c1788"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299313c17-NRT
game-21.jpg
www.cyfirma.com/media/2024/01/
56 KB
57 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-21.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52df45ba01cc35fbdd91ed56a522caf586eddb395fac843dfd18212cdd204d88
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3253
content-length
57821
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:49 GMT
server
cloudflare
etag
"e1dd-60e08fd267c48"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299323c17-NRT
game-22.jpg
www.cyfirma.com/media/2024/01/
26 KB
26 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-22.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c33c0724121785c794440f67ebfb65eafe1edc8e387fd0825bfa9c01a6c4828d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
256
content-length
26815
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:48 GMT
server
cloudflare
etag
"68bf-60e08fd0b7268"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299353c17-NRT
game-23.jpg
www.cyfirma.com/media/2024/01/
25 KB
25 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/01/game-23.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23411e3962d39eefa1bf12330e1d03ffbc11b2b7b1483f3840ddf33dc79ef506
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3253
content-length
25482
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 03 Jan 2024 11:33:46 GMT
server
cloudflare
etag
"638a-60e08fcf202b0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299383c17-NRT
linkedin-in-1.svg
www.cyfirma.com/media/2023/11/
688 B
648 B
Image
General
Full URL
https://www.cyfirma.com/media/2023/11/linkedin-in-1.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a53a9bfe4eff5bbf862f07880bca00665a89b61f9186060d514dc6590b60529
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
256
x-xss-protection
1; mode=block
last-modified
Thu, 16 Nov 2023 07:16:38 GMT
server
cloudflare
etag
W/"2b0-60a3fccfa8ef0"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=28800
cf-ray
84352c8299393c17-NRT
facebook-f.svg
www.cyfirma.com/media/2023/11/
559 B
550 B
Image
General
Full URL
https://www.cyfirma.com/media/2023/11/facebook-f.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5121be3e86a265c52a5ad4cf1a8b7cf45f5f7a280b378edbf0e57499afb2810
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
256
x-xss-protection
1; mode=block
last-modified
Thu, 16 Nov 2023 07:16:42 GMT
server
cloudflare
etag
W/"22f-60a3fcd31bfd8"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=28800
cf-ray
84352c82993c3c17-NRT
x-twitter.svg
www.cyfirma.com/media/2023/11/
560 B
527 B
Image
General
Full URL
https://www.cyfirma.com/media/2023/11/x-twitter.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c43ae1ac836ab2e2c6f5409d5912f1246383abe0955cb2e1a6ef6f4718dd988c
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
256
x-xss-protection
1; mode=block
last-modified
Thu, 16 Nov 2023 07:16:36 GMT
server
cloudflare
etag
W/"230-60a3fcce04090"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=28800
cf-ray
84352c82993d3c17-NRT
style.css
www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-list-vertical/
812 B
442 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-list-vertical/style.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
287e1b30ad2973257cbb28a7e07b6715a1cebc74f796c4948e4fcecc4ab9cc6c
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
311
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:22:51 GMT
server
cloudflare
etag
"32c-5e56a3f1220c0-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c820fed3c17-NRT
wpcf7r-fe.js
www.cyfirma.com/apps/wpcf7-redirect/build/js/
8 KB
2 KB
Script
General
Full URL
https://www.cyfirma.com/apps/wpcf7-redirect/build/js/wpcf7r-fe.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1922
content-length
1617
x-xss-protection
1; mode=block
last-modified
Wed, 10 Aug 2022 05:38:42 GMT
server
cloudflare
etag
"1f8a-5e5dc76305c80-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c820fee3c17-NRT
index.js
www.cyfirma.com/apps/contact-form-7/includes/swv/js/
10 KB
3 KB
Script
General
Full URL
https://www.cyfirma.com/apps/contact-form-7/includes/swv/js/index.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1922
content-length
2937
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 10:16:29 GMT
server
cloudflare
etag
"26d1-5eb749e5a3940-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82282b3c17-NRT
index.js
www.cyfirma.com/apps/contact-form-7/includes/js/
12 KB
4 KB
Script
General
Full URL
https://www.cyfirma.com/apps/contact-form-7/includes/js/index.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
3957
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 10:16:29 GMT
server
cloudflare
etag
"3016-5eb749e5a3940-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82282f3c17-NRT
cf7msm.min.js
www.cyfirma.com/apps/contact-form-7-multi-step-module/resources/
5 KB
2 KB
Script
General
Full URL
https://www.cyfirma.com/apps/contact-form-7-multi-step-module/resources/cf7msm.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfdb442f3cefaf2cdac354f011905aa766d027e6820fabc4499f243598f9c561
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
2012
x-xss-protection
1; mode=block
last-modified
Fri, 05 Aug 2022 08:16:26 GMT
server
cloudflare
etag
"1435-5e57a1514aa80-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8248703c17-NRT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
33486529333d62be05c0096dfcdc78e14b783f6f476c403f1683a3de5ffc09eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 10 Jan 2024 13:12:50 GMT
particles.js
www.cyfirma.com/template/assets/js/
22 KB
6 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/particles.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b336cf8710d8097c7de836d5534ff7c803b00c260c9500a4cb4b95f1905230c1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1921
content-length
5721
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"591e-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8248763c17-NRT
jquery.matchHeight-min.js
www.cyfirma.com/template/assets/js/
3 KB
1 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/jquery.matchHeight-min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ab9a2fb6fb65ca5debaa8686408bab41a073db2d5abcf0db248279d944ac51
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
1372
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"d29-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8268b03c17-NRT
bootstrap.min.js
www.cyfirma.com/template/assets/js/
58 KB
15 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/bootstrap.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974e81270e14d0829929fe7cf9e20bd0ad6c651a6c4203b6799740b970174a52
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
15406
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"e6b4-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8268b13c17-NRT
jquery.custom-scroll.min.js
www.cyfirma.com/template/assets/js/
44 KB
13 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/jquery.custom-scroll.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
256
content-length
12940
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"b1a7-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82990b3c17-NRT
jquery.fancybox.js
www.cyfirma.com/template/assets/js/
60 KB
19 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/jquery.fancybox.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
539f5ac9dfd20b0944a5dcbf121289df379e4197e9263006b96b931c7bc18c5b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1921
content-length
19666
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"f154-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82990e3c17-NRT
slick.js
www.cyfirma.com/template/assets/js/
42 KB
10 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/slick.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e55b451621a060d376f1b31af3b370ea3d65ab7532ca82e875e52882deefbae
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1921
content-length
10485
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"a88a-5e56a3f9b7500-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82990f3c17-NRT
custom.js
www.cyfirma.com/template/assets/js/
5 KB
1 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/custom.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290dc8deb77632ee52a3e08c01def62f5fb715b5c85fbc4afaa99a3c8b4d1a4e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1920
content-length
1318
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 12:15:07 GMT
server
cloudflare
etag
"144a-5e8a21454c8c0-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c8299103c17-NRT
gtm.js
www.googletagmanager.com/
232 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5GT46FN
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d48967aaca726e44ee4b913413dae250065aa8b631599cb291e92324453d1370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77804
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jan 2024 13:12:50 GMT
wp-emoji-release.min.js
www.cyfirma.com/my_includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.cyfirma.com/my_includes/js/wp-emoji-release.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cf-cache-status
HIT
age
1920
content-length
5009
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 12:05:01 GMT
server
cloudflare
etag
"48b9-5e942def0f540-gzip"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82993f3c17-NRT
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/custom-style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aef306d8dc297f057d650b2e03a3c79b8f8aa29aeaa9f7f19b4f4a5c5d3e88f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 12:52:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 13:12:50 GMT
CyfirmaLogoWhite.svg
www.cyfirma.com/media/2022/08/
18 KB
7 KB
Image
General
Full URL
https://www.cyfirma.com/media/2022/08/CyfirmaLogoWhite.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07ce60e24df059952c6c4f6a82cdb94603280a563a2c2e467f71dc712d0892a7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1923
x-xss-protection
1; mode=block
last-modified
Mon, 08 Aug 2022 05:08:58 GMT
server
cloudflare
etag
W/"465e-5e5b3d02bee80"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=28800
cf-ray
84352c8299433c17-NRT
footerbg.png
www.cyfirma.com/template/assets/media/2022/09/
45 KB
45 KB
Image
General
Full URL
https://www.cyfirma.com/template/assets/media/2022/09/footerbg.png
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/custom-style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f21d262ca9984228678854b0680da03521485de0d29e16a850e15e9496882859
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/template/assets/css/custom-style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:51 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.cyfirma.com/
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
84352c82a94b3c17-NRT
link
<https://www.cyfirma.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 05:08:22 GMT
x-content-type-options
nosniff
age
547468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 05:08:22 GMT
fa-regular-400.woff2
www.cyfirma.com/template/assets/fonts/
142 KB
142 KB
Font
General
Full URL
https://www.cyfirma.com/template/assets/fonts/fa-regular-400.woff2
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3da2adabcb26b0d20d5ddf91e3b608996801e6d8a99a739bb041f9c9628539c
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyfirma.com/template/assets/css/all.css
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
256
content-length
145052
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"2369c-5e56a3f9b7500"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82a9513c17-NRT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 22:39:18 GMT
x-content-type-options
nosniff
age
311612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Jan 2025 22:39:18 GMT
fa-solid-900.woff2
www.cyfirma.com/template/assets/fonts/
115 KB
115 KB
Font
General
Full URL
https://www.cyfirma.com/template/assets/fonts/fa-solid-900.woff2
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c58e41e2f38d9813c39b6641c96e12408522bf774779cb58973f67303875a7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyfirma.com/template/assets/css/all.css
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
256
content-length
117616
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"1cb70-5e56a3f9b7500"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82a9543c17-NRT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:26:17 GMT
x-content-type-options
nosniff
age
13593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 09:26:17 GMT
fa-brands-400.woff2
www.cyfirma.com/template/assets/fonts/
70 KB
71 KB
Font
General
Full URL
https://www.cyfirma.com/template/assets/fonts/fa-brands-400.woff2
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3eb2d0caf3502359966882d146b1a75e34bf933cbdace1c286395ea3fd1f567
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyfirma.com/template/assets/css/all.css
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff
cf-cache-status
HIT
age
3254
content-length
72124
x-xss-protection
1; mode=block
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
server
cloudflare
etag
"119bc-5e56a3f9b7500"
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84352c82a9553c17-NRT
apbct_get_pixel_url
www.cyfirma.com/wp-json/cleantalk-antispam/v1/
80 B
2 KB
XHR
General
Full URL
https://www.cyfirma.com/wp-json/cleantalk-antispam/v1/apbct_get_pixel_url
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/apps/cleantalk-spam-protect/js/apbct-public-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f77727ac33b55651b0ee174a6a5d44b1a8820b743c37ec8fac709c0762ae26
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
accept-language
jp-JP,jp;q=0.9
X-WP-Nonce
c95f8ba3a4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:51 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-frame-options
DENY
allow
POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cyfirma.com
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
vary
Origin
x-robots-tag
noindex
link
<https://www.cyfirma.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
84352c83aad53c17-NRT
x-wp-nonce
c95f8ba3a4
expires
Thu, 19 Nov 1981 08:52:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/
503 KB
202 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyfirma.com/
Origin
https://www.cyfirma.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 03:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jan 2025 03:23:39 GMT
js
www.googletagmanager.com/gtag/
276 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KBLXRB4PTX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GT46FN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9a988299989a8fbd7a22ff37852ef5ae229f01f66b8609bd5b3480c6a26f626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93305
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jan 2024 13:12:50 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GT46FN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Jan 2024 12:42:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1801
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 10 Jan 2024 14:42:49 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
1 KB
785 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GT46FN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:14::17dc:5499 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a544124f98add2e2d508d975d9f14d21c2721681010ff33006518d8a2a2123c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:26:45 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=76440
accept-ranges
bytes
content-length
575
jg2ucp2q3y
www.clarity.ms/tag/
650 B
1013 B
Script
General
Full URL
https://www.clarity.ms/tag/jg2ucp2q3y
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
628bcaab7fd5bedc4a3835f2a8751fd172a8aa19525381cd8d24d8c71ae1476f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
-1
date
Wed, 10 Jan 2024 13:12:50 GMT
x-azure-ref
20240110T131250Z-wcg5hdfe8h0zmbsc7ar6vfa0gw0000000swg00000000fwvu
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
js
www.googletagmanager.com/gtag/
244 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XN67BK9M7N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80179732-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
35ea2a6a42eda7dd186ca523112421862cf95b0c7ea9f802ccae3814fbc4924e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84799
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jan 2024 13:12:50 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/
42 KB
15 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:14::17dc:5499 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f0822081c33dc4a9cabd9255d574f89280925c4e1f833eefb49a966243014572
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:26:44 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=76410
accept-ranges
bytes
content-length
15605
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892370651&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-r...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892370651&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-r...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4091476%26time%3D1704892370651%26url%3Dhttps%253A%252F%252Fwww.cyfirma.com%252Fou...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892370651&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-r...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892370651&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-...
0
486 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892370651&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&cookiesTest=true&liSync=true&e_ipv6=AQLzll8ZjWf3IwAAAYzzgRBz1As1CHOpyUd0J9s3sSualw8IChVI6Rd0QKxOcZoZ8OBgdQ
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 21A61FAAF4554611BA5FDB0E0126E4C3 Ref B: TYAEDGE1007 Ref C: 2024-01-10T13:12:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOlzAp3aliAKW5QrFicw==

Redirect headers

date
Wed, 10 Jan 2024 13:12:50 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 93F7C51707EC4F89B538DE4132553C2E Ref B: TYAEDGE0706 Ref C: 2024-01-10T13:12:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1704892370651&url=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&cookiesTest=true&liSync=true&e_ipv6=AQLzll8ZjWf3IwAAAYzzgRBz1As1CHOpyUd0J9s3sSualw8IChVI6Rd0QKxOcZoZ8OBgdQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOlzAoKhpkwsntIM9idQ==
collect
www.google-analytics.com/j/
15 B
221 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=50155721&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&ul=en-us&de=UTF-8&dt=A%20GAMER%20TURNED%20MALWARE%20DEVELOPER%20%3A%20DIVING%20INTO%20SILVERRAT%20AND%20IT%E2%80%99S%20SYRIAN%20ROOTS%20-%20CYFIRMA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=1179362449&gjid=544738249&cid=1625834661.1704892371&tid=UA-80179732-4&_gid=111358889.1704892371&_r=1&_slc=1&gtm=45He4180n815GT46FNv852032066&gcd=11l1l1l1l1&dma=0&z=637839808
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bb2ccb10404cc6a241da8ff58b2ccb32e483c021f9123c09d4e5f565af4fc718
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cyfirma.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:12:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyfirma.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=50155721&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&ul=en-us&de=UTF-8&dt=A%20GAMER%20TURNED%20MALWARE%20DEVELOPER%20%3A%20DIVING%20INTO%20SILVERRAT%20AND%20IT%E2%80%99S%20SYRIAN%20ROOTS%20-%20CYFIRMA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=229043514&gjid=583466500&cid=1625834661.1704892371&tid=UA-80179732-4&_gid=111358889.1704892371&_r=1&gtm=457e4180&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1899087259
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cyfirma.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:12:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyfirma.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
248 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XN67BK9M7N&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
009d8e828442a15c0a04584387147fd7bb1dbec862ae616ad7a327ad496ec10c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86611
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jan 2024 13:12:50 GMT
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jg2ucp2q3y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:12:50 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 15:51:12 GMT
etag
W/"0x8DC0C73CFCC02AC"
vary
Accept-Encoding
x-azure-ref
20240110T131250Z-wcg5hdfe8h0zmbsc7ar6vfa0gw0000000swg00000000fwwp
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
2d2abf90-d01e-0045-099a-3efb38000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XN67BK9M7N&gtm=45je4180v9135687612&_p=1704892370225&gcd=11l1l1l1l1&dma=0&cid=1625834661.1704892371&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704892370&sct=1&seg=0&dl=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&dt=A%20GAMER%20TURNED%20MALWARE%20DEVELOPER%20%3A%20DIVING%20INTO%20SILVERRAT%20AND%20IT%E2%80%99S%20SYRIAN%20ROOTS%20-%20CYFIRMA&en=page_view&_fv=1&_ss=1&tfd=2916
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XN67BK9M7N&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:12:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyfirma.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
254 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KBLXRB4PTX&gtm=45je4180v897044746z8852032066&_p=1704892370225&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1625834661.1704892371&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704892370&sct=1&seg=0&dl=https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F&dt=A%20GAMER%20TURNED%20MALWARE%20DEVELOPER%20%3A%20DIVING%20INTO%20SILVERRAT%20AND%20IT%E2%80%99S%20SYRIAN%20ROOTS%20-%20CYFIRMA&en=page_view&_fv=1&_ss=1&tfd=2959
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBLXRB4PTX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:12:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyfirma.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
245 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KBLXRB4PTX&cid=1625834661.1704892371&gtm=45je4180v897044746z8852032066&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBLXRB4PTX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:12:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyfirma.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/
42 B
408 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KBLXRB4PTX&cid=1625834661.1704892371&gtm=45je4180v897044746z8852032066&aip=1&dma=0&gcd=11l1l1l1l1&z=1683541199
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/outofband/a-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:12:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
k.clarity.ms/
0
295 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.cyfirma.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.cyfirma.com
Date
Wed, 10 Jan 2024 13:12:51 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
/
px.ads.linkedin.com/wa/
0
195 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.cyfirma.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jan 2024 13:12:51 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6861DCF536374DA7AEB7656A4619D8BF Ref B: TYAEDGE0706 Ref C: 2024-01-10T13:12:51Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://www.cyfirma.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYOlzAriBXt0JnHiZqYxQ==
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6E9294E8A5C04F0DB0FA91F3BC51C6D5&RedC=c.clarity.ms&MXFR=36B0480EA7256BA621C95C0CA3256577
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6E9294E8A5C04F0DB0FA91F3BC51C6D5&MUID=170A4C620BEB63D9183858600A196295
42 B
441 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6E9294E8A5C04F0DB0FA91F3BC51C6D5&MUID=170A4C620BEB63D9183858600A196295
Protocol
H2
Server
20.205.115.81 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:12:50 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
server
Microsoft-IIS/10.0
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:12:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CCACEE94936B499EAA3FE990438D0F14 Ref B: TYBEDGE0621 Ref C: 2024-01-10T13:12:51Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6E9294E8A5C04F0DB0FA91F3BC51C6D5&MUID=170A4C620BEB63D9183858600A196295
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
e86bbe72943a40126382f5f76f656290.gif
moderate1.cleantalk.org/pixel/
43 B
364 B
Image
General
Full URL
https://moderate1.cleantalk.org/pixel/e86bbe72943a40126382f5f76f656290.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:4:1d0::4cf:c000 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:12:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
collect
k.clarity.ms/
0
295 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.cyfirma.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.cyfirma.com
Date
Wed, 10 Jan 2024 13:12:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture boolean| hideChatWidget string| custWidgetId object| fwcrm function| jQuery object| freshsales object| ZargetUrlChangeTrigger function| beforeunload boolean| zg_is_new_visitor object| zargetCookie function| zg_selector function| integrations function| zg_projectProps function| runZGHeatmap function| runZGPausedExp object| expEvt function| zarget$ function| fm_$ object| zargetAPI object| FMApi object| triggerHeatmapExperiment object| bulkDetails object| FM object| session object| dataLayer function| turnstileCallbackFunction function| apbct_attach_event_handler__backend object| _wpemojiSettings object| turnstile function| $ object| devtools object| ctPublicFunctions object| ctPublic function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| ApbctCore function| apbct function| ApbctXhr function| ApbctAjax function| ApbctRest function| ctSetCookie function| ctSetAlternativeCookie function| ctGetCookie function| ctDeleteCookie function| apbct_public_sendAJAX function| apbct_public_sendREST object| apbctLocalStorage object| ct_date number| ctTimeMs boolean| ctMouseEventTimerFlag object| ctMouseData number| ctMouseDataCounter object| ctCheckedEmails function| apbct_attach_event_handler function| apbct_remove_event_handler number| ctMouseReadInterval number| ctMouseWriteDataInterval function| ctFunctionFirstKey function| ctFunctionMouseMove function| ctMouseStopData function| ctKeyStopStopListening function| checkEmail function| ctSetPixelImg function| 
ctGetPixelUrl function| ctSetHasScrolled function| ctSetMouseMoved function| ctPreloadLocalStorage function| apbct_ready function| ctFillDecodedEmailHandler function| apbctAjaxEmailDecode function| apbctEmailEncoderCallback function| getJavascriptClientData function| removeDoubleJsonEncoding function| ctProcessDecodedDataResult function| ctFillDecodedEmail function| ctShowDecodeComment function| apbct_collect_visible_fields function| apbct_visible_fields_set_cookie function| apbct_js_keys__set_input_value function| apbctGetScreenInfo function| ctParseBlockMessage function| ctSetPixelUrlLocalstorage function| ctNoCookieConstructHiddenField function| ctNoCookieGetForms function| ctNoCookieAttachHiddenFieldsToForms object| cleantalkModal object| buttons_to_handle function| apbct_gdpr_handle_buttons function| ct_protect_external function| formIsExclusion function| apbctProcessIframes function| apbctProcessExternalForm function| apbct_replace_inputs_values_from_other_form function| isIntegratedForm function| sendAjaxCheckingFormData function| ct_check_internal function| ct_check_internal__is_exclude_form object| WPMLLanguageSwitcherDropdownClick function| gtag object| wpcf7r object| wpcf7_redirect object| swv object| wpcf7 object| cf7msm_posted_data function| renderInvisibleReCaptcha function| pJS function| hexToRgb function| clamp function| isInArray function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS object| bootstrap boolean| mCustomScrollbar object| frontobj object| twemoji object| wp object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| clarity function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| ORIBILI

43 Cookies

Domain/Path Name / Value
www.cyfirma.com/ Name: apbct_site_landing_ts
Value: 1704892368
.www.cyfirma.com/ Name: apbct_site_referer
Value: UNKNOWN
www.cyfirma.com/ Name: PHPSESSID
Value: 8n9mdqlbfcbf99p03abu7ibcho
.cyfirma.com/ Name: _fw_crm_v
Value: 7475f4fa-af6c-439b-e734-8280e17f86b3
www.cyfirma.com/ Name: first_session
Value: %7B%22visits%22%3A1%2C%22start%22%3A1704892370208%2C%22last_visit%22%3A1704892370208%2C%22url%22%3A%22https%3A%2F%2Fwww.cyfirma.com%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F%22%2C%22path%22%3A%22%2Foutofband%2Fa-gamer-turned-malware-developer-diving-into-silverrat-and-its-syrian-roots%2F%22%2C%22referrer%22%3A%22%22%2C%22referrer_info%22%3A%7B%22host%22%3A%22%22%2C%22path%22%3A%22blank%22%2C%22protocol%22%3A%22about%3A%22%2C%22port%22%3A80%2C%22search%22%3A%22%22%2C%22query%22%3A%7B%7D%7D%2C%22search%22%3A%7B%22engine%22%3Anull%2C%22query%22%3Anull%7D%2C%22version%22%3A0.4%7D
www.cyfirma.com/ Name: ct_ps_timestamp
Value: 1704892370
www.cyfirma.com/ Name: ct_fkp_timestamp
Value: 0
www.cyfirma.com/ Name: ct_timezone
Value: 9
www.cyfirma.com/ Name: ct_screen_info
Value: %7B%22fullWidth%22%3A1600%2C%22fullHeight%22%3A16256%2C%22visibleWidth%22%3A1600%2C%22visibleHeight%22%3A1200%7D
www.cyfirma.com/ Name: apbct_headless
Value: false
www.cyfirma.com/ Name: ct_checked_emails
Value: 0
www.cyfirma.com/ Name: ct_checkjs
Value: c29295420ae51592fbf97bd6050c16e002e3c7ecd4e824f7217f9244bfef7e1d
.www.cyfirma.com/ Name: _ga
Value: GA1.3.1625834661.1704892371
.www.cyfirma.com/ Name: _gid
Value: GA1.3.111358889.1704892371
.www.cyfirma.com/ Name: _gat_UA-80179732-4
Value: 1
.cyfirma.com/ Name: _gid
Value: GA1.2.111358889.1704892371
.cyfirma.com/ Name: _gat_gtag_UA_80179732_4
Value: 1
.linkedin.com/ Name: li_sugr
Value: 8a49fb58-6f2d-4540-b102-1695557706fa

1 Console Messages

Source: network
Level: error
URL: https://www.cyfirma.com/template/assets/media/2022/09/footerbg.png
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header: Value
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
